[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Fredrik Ullner
This will add a prompting dialog that appears as http://imgur.com/8IgJLkZ The text is a combination of Internet Explorer and Chrome warning texts. Note that, per the patch, the following is excluded: * http:, *https: * www. * mailto: ** Patch added: "dcpp_validateopenlink.diff" https://b

[Linuxdcpp-team] [Bug 1306825] Re: Hide hubs from the hublist which the user is already connected to

2015-10-04 Thread Fredrik Ullner
This patch will only update the hub that needs to be changed. I don't see any performance difference at all with this. I also updated the favorite hubs frame to be the same (nothing/unconnected/connected). ** Patch added: "dcpp_pubhubsstatus2.diff" https://bugs.launchpad.net/dcplusplus/+bug/1

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Fredrik Ullner
I don't think a scheme whitelist is a good approach, we can't anticipate what users might input (and what protocols they will use). Testing with Chrome and IE, I get a prompt dialog for protocols it cannot possibly know of (adc://). I believe a prompt dialog is sufficient for the most part here as

[Linuxdcpp-team] [Bug 1485356] Re: After updating to Windows 10, can no longer download from other users.

2015-10-04 Thread eMTee
Finally being able to test with the latest MiniUPnPc (thanks to cologic). It still doesn't work on Win10 for me while there's multiple reports by now that with clients equipped with even older lib versions it does work for others. It'd be nice to see a connectivity detection log from the origina

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Kacper
Regarding "UNC paths", it's only an example of an exploit vector, not the main problem. What Fredrik wrote makes sense. Lack of prompt on click maybe can solve the problem. But please remember that ::ShellExecute scheme/link have permissions from parent DC++ process (process explorer on screen post #1) wh

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Fredrik Ullner
I'll attempt to clarify a few things (after some testing). It is possible to create any form of link that will appear in DC++, e.g. writing "foo://bar" will cause DC++ to show a clickable link. The only way to execute that link from basic out-of-the-box behaviour is that the user is required to doubl

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread eMTee
Exactly my thoughts poy. Like the recent rar exploit that's been in the headlines absolutely unnecessarily; if you click a malicious link or download and install a malicious executable yourself, well, it has always been the users' responsibility. Combined the chat link with unicode quirks can r

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Kacper
Link is correct, Look to PoC: certificate details: CN=\x0D\x0Ahttp://www.troll.me/images/are-you-fucking-kidding-me/srsly.jpg"; />\x0D\x0A\x0D\x0AClick Here Its the same PoC with file:// scheme. -- You received this bug notification because you are a member of Dcplusplus-team, which is subscri

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread poy
you got the wrong link - that one is about HTML embedded in a field of certificates. ;) what I wrote above is my opinion of this after a quick research - I would like to know what others in the DC++ team think. -- You received this bug notification because you are a member of Dcplusplus-team, wh

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Kacper
I think maybe it is worth to fix. Please tell me about whether it will be fixed, or not. Thanks -- You received this bug notification because you are a member of Dcplusplus-team, which is subscribed to DC++. https://bugs.launchpad.net/bugs/1502650 Title: DC++ 0.851 - Arbitrary code execution

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Kacper
Similar issue reported on Avast software, and fixed by Avast, https://code.google.com/p/google-security-research/issues/detail?id=546 a few days ago. ** Bug watch added: code.google.com/p/google-security-research/issues #546 https://code.google.com/p/google-security-research/issues/detail?id=54

[Linuxdcpp-team] [Bug 1502650] Re: DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread poy
from what I understand by reading , this is well mitigated by the "UNC Hardened Access" feature that has been introduced. "Even 3rd party applications and services can take advantage of this new f

[Linuxdcpp-team] [Bug 1502650] [NEW] DC++ 0.851 - Arbitrary code execution

2015-10-04 Thread Kacper
*** This bug is a security vulnerability *** Private security bug reported: Details and PoC: http://kacperrybczynski.com/research/dcpp_851_arbitrary_code_execution/ By supplying an UNC path in the *.dcext plugin file or main/pm hub chat, a remote file will be automatically downloaded, which can

[Linuxdcpp-team] [Bug 911877] Re: Bugged window opens when closing a pm while notifications are running

2015-10-04 Thread Fredrik Ullner
I went ahead and pushed the patch in comment #1, I guess we will have to see the next release if the reporter is still experiencing problems (either for this bug or for bug 1251911). -- You received this bug notification because you are a member of Dcplusplus-team, which is subscribed to DC++. ht

[Linuxdcpp-team] [Bug 1473791] Re: Support encoding in NMDC hubs

2015-10-04 Thread Fredrik Ullner
Added. -- You received this bug notification because you are a member of Dcplusplus-team, which is subscribed to DC++. https://bugs.launchpad.net/bugs/1473791 Title: Support encoding in NMDC hubs Status in DC++: Fix Committed Bug description: DC++ does not currently properly support the