Fwd: Kazaa file corruption

From: Russell S/nillion42 (nillion42at_private)
Date: Wed Mar 05 2003 - 10:50:55 PST

Next message: Blue Boar: "Re: Fwd: Kazaa file corruption"

Previous message: b0f www.b0f.net: "Re: gtali Segmentation fault"
Next in thread: Blue Boar: "Re: Fwd: Kazaa file corruption"
Reply: Blue Boar: "Re: Fwd: Kazaa file corruption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--- the forwarded message follows ---

attached mail follows:

Hi Bill, Could you post this to the vuln-dev mailing list? The address is vuln-devat_private David Mirza Ahmad Symantec "sabbe dhamma anatta" 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12 On 4 Mar 2003, Bill Hendron wrote: > > > Problem: > Lack of file checksum in kazaa leads to the ability to > spread corrupted files and corrupt the dowload of any file. > > Method: > By deleting(replacing with hex 00) the data from a mp3 > file and leaving the headers you can create a file > which has identical filesize (kazaa checks filesize). > When a kazaa user downloads a file, multiple download > streams can be used, if a stream is created to the > corrupted file, it will make the download useless once > finished not readily appraent until download is complete. > > Additional: > On modems and other areas where compression is used, > this can lead to the file traveling at rapid speeds > (greater than 20kps on a 56k modem). This could cause > the files that are corrupted file or corrupted portions > to spread rapdily to other users before the user has a > chance to check the quality of the file and delete it. > > > -Bill Hendron >

Next message: Blue Boar: "Re: Fwd: Kazaa file corruption"
Previous message: b0f www.b0f.net: "Re: gtali Segmentation fault"
Next in thread: Blue Boar: "Re: Fwd: Kazaa file corruption"
Reply: Blue Boar: "Re: Fwd: Kazaa file corruption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 05 2003 - 11:57:40 PST