RE: Reported Kazaa and Morpheus vulnerabilities

["leon" <leon () inyc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't understand what the big deal is.  I pointed this out on this
list almost 3 months ago in regards to limewire.  You can find the
thread with the subject limewire unauthorized cookie disclosure. 
People have been sharing there hardrives inappropriately for some
time now.

I don't get it why this is suddenly so important.

Cheers,

Leon

- -----Original Message-----
From: tfm () tfm org [mailto:tfm () tfm org] 
Sent: Monday, February 04, 2002 5:06 AM
To: vuln-dev () securityfocus com
Subject: Re: Reported Kazaa and Morpheus vulnerabilities

Under search menu select "everything" and search for system.ini to
see how
many users share windows directory.
This morning I've found 10 users with 428273 online users.
You can easily find the ip of these ones and browse their hd.
Maybe it's better if someone release a patch to disable "c:\windows"
sharing
or a simple popup alert windows...
Bye

TfM

- ----- Original Message -----

> RE the article on the BBCs website at
> http://news.bbc.co.uk/hi/english/sci/tech/newsid_1798000/1798095.stm
>
> I just searched the archives at Securityfocus and CERT and neither
produced
> any relavent results
>
> I mean, pointing a browser to http://ip_address:1214/ does give a
> list of files... it gives the list of files that you're sharing. So
> what?
>
> Anyone know anything about this?
>
> Harry M


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPGAFhtqAgf0xoaEuEQJRHACfao6xjP++NH32NUe1MNkFzkCy+TAAnRQq
3rl1eJRV8yWv3bAXRoHFlDni
=c+Ga
-----END PGP SIGNATURE-----