Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Reported Kazaa and Morpheus vulnerabilities

From: Sebastian Ip <9scki () qlink queensu ca>
Date: Mon, 4 Feb 2002 00:59:17 -0500
On Monday 04 February 2002 12:31 am, HarryM wrote:

RE the article on the BBCs website at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1798000/1798095.stm

I just searched the archives at Securityfocus and CERT and neither produced
any relavent results

I mean, pointing a browser to http://ip_address:1214/ does give a list of
files... it gives the list of files that you're sharing. So what?

Anyone know anything about this?

Harry M


It's a piece of FUD from unqualified journalist picking up whatever is told 
to them somewhere on the internet.

Basically the problem is if you are stupid enough to share your whole drive 
and say you run morpheus on a production windows server as administrator or 
with admin rights then someone can grab anything they want from your machine. 
Otherwise it's just stupid. Maybe someone's passport cookie will be stolen 
and their credit card used to buy porn online. But nothing more.

Cheers

Sebastian Ip
Previous By Date Next
Previous By Thread Next

Current thread: