Security Incidents mailing list archives

Re: KazaaLite 2.0.2 Build 1

From: "Alex Lambert" <alambert () quickfire org>
Date: Wed, 4 Jun 2003 10:02:59 -0500

...There is absolutely nothing
to keep them from making their own kazaa.exe or whatever and sharing
the trojaned version...


False. MD5 checksums are used, and there are some issues that in practice
would prevent this from happening.

See http://archives.neohapsis.com/archives/vuln-dev/2002-q1/thread.html#455




Alex Lambert
alambert () quickfire org

----- Original Message -----
From: "Jimi Thompson" <jimit () myrealbox com>
To: "matt" <tool8185 () adelphia net>; "security focus"
<incidents () securityfocus com>
Sent: Tuesday, June 03, 2003 10:05 PM
Subject: Re: KazaaLite 2.0.2 Build 1




----------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

KazaaLite 2.0.2 Build 1 matt (Jun 02)
- Re: KazaaLite 2.0.2 Build 1 p00p (Jun 03)
- Re: KazaaLite 2.0.2 Build 1 Jimi Thompson (Jun 04)
  - Re: KazaaLite 2.0.2 Build 1 Alex Lambert (Jun 05)
- <Possible follow-ups>
- FW: KazaaLite 2.0.2 Build 1 drake insurance (Jun 04)