GOOGLE'S PROJECT ZERO has uncovered a "critical flaw" in the Transmission BitTorrent app that could give cybercrooks complete control of users' computers.
According to Project Zero, the client is vulnerable to a DNS re-binding attack that effectively tricks the PC into accepting requests via port 9091 from malicious websites that it would (and should) ordinarily ignore.
The flaw could enable attackers to execute all kinds of attacks, including remote code execution, and works in both Chrome and Firefox on Windows and Linux PCs. Other browsers will almost certainly be vulnerable too.
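A common server-side defence against DNS rebinding is to check the HTTP Host header, because the browser still sends the attacker's domain name there even after that name has been re-pointed at 127.0.0.1. The check below is an added example, not Transmission's patch or Project Zero's code; the function names, the allowlist and the sample headers are assumptions made for illustration.

```python
# Added example (assumed names, not Transmission's code): Host allowlist for a local RPC port.
import ipaddress

ALLOWED_NAMES = {"localhost"}  # hostnames the operator explicitly trusts
RPC_PORT = 9091                # the port named in the article

def split_host_header(value):
    """Parse a Host header into (host, port); return None if malformed."""
    value = value.strip()
    if not value or any(c in value for c in " \t/@\\"):
        return None
    if value.startswith("["):              # bracketed IPv6 literal, e.g. [::1]:9091
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
    else:
        host, sep, tail = value.partition(":")
        rest = sep + tail
    if rest == "":
        port = None                        # no port given in the header
    elif rest[0] == ":" and rest[1:].isascii() and rest[1:].isdigit():
        port = int(rest[1:])
    else:
        return None
    return host.rstrip(".").lower(), port

def host_is_allowed(header_value, port=RPC_PORT):
    """Accept only requests addressed to this machine by name or loopback IP."""
    parsed = split_host_header(header_value) if header_value else None
    if parsed is None:                     # missing or malformed Host header
        return False
    host, req_port = parsed
    if req_port is not None and req_port != port:
        return False
    if host in ALLOWED_NAMES:
        return True
    try:                                   # 127.0.0.0/8 and ::1 pass; other names fail
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

# Constructed sample headers: the last two are what a rebound page's requests would carry.
SAMPLES = ["localhost:9091", "[::1]:9091", "rebind.attacker.example:9091",
           "localhost.attacker.example:9091"]
if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h:35} -> {'allow' if host_is_allowed(h) else 'reject'}")
```

A service that applies this check before dispatching any RPC call would reject the rebound requests, since the loopback address in the DNS answer never appears in the Host header.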
Writing on Twitter, Project Zero's Tavis Ormandy said this is the "first of a few remote code execution flaws in various popular torrent clients". Before publishing details of this attack, Google Project Zero reached out to Transmission, which has since released a patch.
First of a few remote code execution flaws in various popular torrent clients, here is a DNS rebinding vulnerability Transmission, resulting in arbitrary remote code execution. https://t.co/kAv9eWfXlG — Tavis Ormandy (@taviso) January 11, 2018
Publicising details of the attack appears to have done the trick of forcing the developers to rush out a patch, but this has not been applied in all the software that uses the Transmission protocol, Ormandy warned.
In a follow-up to his original November post warning of a security vulnerability, Ormandy last week wrote: "I'm finding it frustrating that the Transmission developers are not responding on their private security list, I suggested moving this into the open so that distributions can apply the patch independently. I suspect they won't reply, but let's see.
"I've never had an open-source project take this long to fix a vulnerability before, so I usually don't even mention the 90-day limit if the vulnerability is in an open source project.
"I would say the average response time is measured in hours rather than months if we're talking about open source."
Transmission is one of a number of BitTorrent peer-to-peer file sharing clients.
Rather than a centralised hub-and-spoke system for distributing files and data, shared files are decentralised, but publicised via the software that utilises the protocol. If anyone in the network wants a file, it is downloaded in 'pieces' from the source or sources.
Peer-to-peer file sharing, however, has gained a reputation as a distribution mechanism for pirated software, television shows and films.
But the protocol is also used for many legitimate file-distribution purposes, such as software and other downloads by legitimate vendors, in order to reduce the stresses on networks that more centralised distribution systems can cause.