![]() Theoretically exploits can be created for clients running in passive mode, too, using possible additional weaknesses in various hub software. The victim should not need to initiate searches and the attacker should not need to be logged on to a hub for a successful exploitation altough the obvious place for finding victims and collecting attack surface information are the DC hubs.Ĭlients configured to a working active connectivity mode are the easiest targets, especially when logged in to any kind of Direct Connect hubs. It fixes a serious remotely exploitable vulnerability that would crash the client if a malicious attacker sends trivially compilable malformed search result messages. DC++ 0.867 has been released and also marked as the stable release.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |