mersenneforum.org  

Go Back   mersenneforum.org > Great Internet Mersenne Prime Search > PrimeNet

Reply
 
Thread Tools
Old 2003-04-09, 15:27   #1
S78496
 
S78496's Avatar
 
Nov 2002

11 Posts
Default Vulnerability in SETI@home - Is PrimeNet likewise vulnerable

This came to my attention recently.

Security flaw hits SETI@home - Updated: The flaw means that an attack could target any of the distributed computing project's millions of clients around the world

Anyone know about PrimeNet's design/practices in this regard?
S78496 is offline   Reply With Quote
Old 2003-04-09, 16:49   #2
crash893
 
crash893's Avatar
 
Sep 2002

4508 Posts
Default

im going to have to say no

1) it was only seti in screen saver mode

prime doesnt have that so i would say no

2) prime95 doesnt have an option to auto update so some one cant hijack the server and send you and updated trojan or something
crash893 is offline   Reply With Quote
Old 2003-04-09, 16:53   #3
cperciva
 
Oct 2002

4310 Posts
Default

I doubt prime95 has any vulnerabilities quite that obvious, but history demonstrates that anything not written by DJB is likely to have some security issues... that said, George is a pretty good coder, and the source code is publicly available, so I'd have to characterize the risk as low.

Still, cases like this make it clear that company-wide "no distributed computing" policies may be entirely justified.
cperciva is offline   Reply With Quote
Old 2003-04-11, 11:20   #4
ET_
Banned
 
ET_'s Avatar
 
"Luigi"
Aug 2002
Team Italia

2·2,383 Posts
Default

Here is the description of the vulnerability related to Seti@home clients and server.

HTH
----------------
Vulnerable versions:
All versions under 3.08

The seti@home clients use the HTTP protocol to download new work units, user information and to register new users. The implementation leaves two security vulnerabilities:

1) All information is sent in plaintext across the network. This information includes the processor type and the operating system of the machine seti@home is running on.

Sniffing the information exposed by the seti@home client is trivial and very useful to a malicious person planning an attack on a network. A passive scan of machines on a network can be made using any packet sniffer to grab the information from the network.

2) There is a buffer overflow in the server responds handler. Sending an overly large string followed by a newline ('\n') character to the client will trigger this overflow. This has been tested with various versions of the client. All versions are presumed to have this flaw in some form.

All tested clients have similar buffer overflows, which allowed setting eip to an arbitrary value which can lead to remote code execution. An attacker would have to reroute the connection the client tries to make to the seti@home webserver to a machine he or she controls. This can be done using various widely available spoofing tools. Seti@home also has the ability to use a HTTP-proxy, and an attacker could also use the machine the PROXY runs on as a base for this attack. Routers can also be used as a base for this attack.

3) A similar buffer overflow seems to affect the main seti@home server at shserver2.ssl.berkeley.edu. It closes the connection after receiving a too large string of bytes followed by a '\n'.

Exploitation of the bug in the server has not been tested. It should be note that a successful exploitation of the bug in the server would offer a platform from which all seti@home clients can be exploited.
-------

Luigi
ET_ is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
mersenneforum.org vulnerable to ♥-burp tServo Forum Feedback 5 2014-04-12 02:35
No aliens detected by SETI because radio sucks? jasong jasong 9 2013-01-14 09:53
SETI Shutting Down (hopefully only temporarily) jinydu Lounge 2 2011-04-27 14:42
NEZ - fired for running SETI@Home em99010pepe Lounge 0 2009-12-02 20:54
A little Seti moo Lounge 12 2005-12-21 21:18

All times are UTC. The time now is 15:11.

Sun Sep 20 15:11:31 UTC 2020 up 10 days, 12:22, 1 user, load averages: 2.04, 1.71, 1.53

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.