[SA18980] MUTE P2P File Sharing Host Selection Weakness

TITLE:
MUTE P2P File Sharing Host Selection Weakness

SECUNIA ADVISORY ID:
SA18980

VERIFY ADVISORY:
http://secunia.com/advisories/18980/

CRITICAL:
Not critical

IMPACT:
Security Bypass

WHERE:
>From remote

SOFTWARE:
MUTE 0.x
http://secunia.com/product/8279/

DESCRIPTION:
Gary Whetstone has reported a weakness in MUTE, which potentially can
be exploited by malicious people to bypass certain security
restrictions.

A design weakness in the MUTE client causes it to select hosts to
connect to based on 10 random hosts that are retrieved from a single
mWebCache. This can potentially be exploited to cause MUTE to connect
to malicious hosts if the mWebCache has been populated with addresses
of malicious hosts.

Successful exploitation discloses the identity of the MUTE client.

The weakness has been reported in 0.4.1. Other versions may also be
affected.

SOLUTION:
The weakness will reportedly be fixed in the next release.

PROVIDED AND/OR DISCOVERED BY:
Gary Whetstone

ORIGINAL ADVISORY:
http://cvs.sourceforge.net/viewcvs.py/mute-net/MUTE/doc/notes/notes.txt?view=markup

---

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.