Ormandy explained this process in detail in his proof of concept. For example, an attacker can create a malicious website and give it the same DNS name as the local IP address of the computer running uTorrent. With a DNS rebinding attack, attackers inject malicious code on a user’s computer when that user interacts with an anonymous website. This latest vulnerability in uTorrent can be exploited using a hacking method called DNS rebinding. These ports help users access these apps over any browser, but these RPC servers can allow attackers to remotely take control of the torrent application with minimal user input. UTorrent uses ports 1005 to host the HTTP RPC Server. uTorrent vulnerability: Possible exploits He disclosed the vulnerability to BitTorrent Inc. Tavis Ormandy, a Google Project Zero researcher, found remote code execution vulnerabilities in the Windows desktop version of uTorrent, as well as the web version of uTorrent, back in December 2017. A crucial vulnerability in popular downloading software uTorrent is one of the latest cybersecurity stories. Security vulnerabilities have become headline news, and not just in the IT world.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |