Why DC++ 0.674 is Insecure
March 12, 2011 Leave a comment
DC++ 0.674 remains surprisingly popular. However:
- It can be trivially remotely crashed by any other user on an NMDC hub via a client-client connection (fixed since DC++ 0.707).
- Filelists can be constructed to crash it (fixed since DC++ 0.760).
- It can both corrupt downloads and be caused to crash via bad TTH data (fixed since DC++ 0.762).
- Its bzip2 library version allows denial of service and arbitrary code execution (fixed since DC++ 0.780).
- Malformed usercommands can crash it (fixed since DC++ 0.782).
These reasons all apply to any vaguely modern client older than DC++ 0.707 (and the last three to clients through 0.75), actually, but 0.674 seems to have kept the most users of those old versions so I target it specifically. Instead, it’s much safer to use a currently-maintained client; if one prefers a pre-DC++ 0.7xx style GUI, one might look at StrongDC++ or any of its descendants.