New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Prime Choice
· TechTV!
· Head Lines
· CCSP News Ltrs
· Dnld of the Week!
· Find a Cure!
· Ian T's (AR 16)
· Marcia's (OP12)
· Bill G's (CO3)
· Paul's (AR 5)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· Recommend Us
· RegChat
· Reviews
· Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
Which Anti-Virus product do you use?
Computer Associates
Eset (NOD32)
F-Secure
Frisk (F-Prot)
Grisoft (AVG)
Kaspersky
Network Associates (McAfee)
Panda
Sophos
Symantec (NAV)
Trend Micro
Other



Results
Polls

Votes: 15127
Comments: 124
image
Donations
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
Hosted By
Computer Cops is a satisfied customer of [ JaguarPC ]
image
image hole: P2P: KaZaA Lunches Ads in the Wrong Security Zone image
Security Hole
A security vulnerability in the KaZaA causes it to launch its ads in the local zone. This would allow a potential attacker to execute scripts embedded inside the ads with elevated privileges.

KaZaA was contacted 6 Jan 03 via their bug report page.

Workaround:
To immunize KaZaA from this defect you should remove the permissions from the directory it launches ads from. This has a nice side effect of not showing ads. The directory to secure is: %WinDir%AdCache

Securiteam
Posted on Wednesday, 08 January 2003 @ 11:56:02 EST by Paul
image

 
Login
Nickname

Password
· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· HotScripts
· W3 Consortium
· More about Security Hole
· News by Paul
Most read story about Security Hole:
Windows Media Player, Spyware and Trojan

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent

image
Options

Printer Friendly Page  Printer Friendly Page

Send to a Friend  Send to a Friend
image
"Login" | Login/Create an Account | 1 comment | _SEARCHDIS
Threshold
  
The comments are owned by the poster. We aren't responsible for their content.

Re: KaZaA Lunches Ads in the Wrong Security Zone (Score: 1)
by ([email protected])  on Tuesday, 21 January 2003 @ 09:43:48 EST
(User Info | Send a Message)
Another method to plug this hole and having the same nice side effect of stopping the ads from displaying, is to delete the AdCache folder and replace it with a read-only file also named AdCache


[ Reply to This ]
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 984 pages served in previous 5 minutes. Page Generation: 0.325 seconds.