1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

CNet CatchUp Remote Arbitrary Code Execution Vulnerability.

Discussion in 'Security and Privacy' started by Admin., 2002/02/06.

Thread Status:
Not open for further replies.
  1. 2002/02/06
    Admin.

    Admin. Administrator Administrator Staff Thread Starter

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    CNET Catchup is a highly customizable utility for retrieving software updates for various products. It runs on Microsoft Windows 9x/ME/NT/2000/XP platforms.

    A vulnerability has been discovered that may allow a remote attacker to execute arbitrary code on the host running CNET Catchup. Additionally, it may be possible for an attacker to remotely start the CNET Catchup utility.

    Successful exploitation of this issue may result in a full compromise of the host running the vulnerable software.

    More...
     
    Admin.,
    #1
  2. 2002/02/08
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Interesting that XP Pro was the only OS version not listed as having a problem with the 1.3 release. Any idea why? XP Home was listed.
     
    Newt,
    #2


  3. to hide this advert.

  4. 2002/02/11
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    I think it's a mistake, as the code of both OS'ses is the same, so I'd think that XP Prof. would be vulnerable too....
     
    Arie,
    #3
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...