VULHUB ™

BNBT BitTorrent Tracker versions Beta 7.5 release 2 and prior are affected by a flaw related to decoding of HTTP Basic Authentication credentials (util.cpp). If a client transmits to the server the credential string "A==", the server will crash. A check has been introduced in version 73_20040521 that will log exploitation attempts and return prematurely if a request is made with credentials "A==". This may not be enough to eliminate the vulnerability entirely. Version Beta 7.5 Release 3 removes the likely vulnerable code, but may break authentication on Big Endian systems.

BNBT BitTorrent Tracker versions Beta 7.5 release 2 and prior are affected by a flaw related to decoding of HTTP Basic Authentication credentials (util.cpp). If a client transmits to the server the credential string "A==", the server will crash. A check has been introduced in version 73_20040521 that will log exploitation attempts and return prematurely if a request is made with credentials "A==". This may not be enough to eliminate the vulnerability entirely. Version Beta 7.5 Release 3 removes the likely vulnerable code, but may break authentication on Big Endian systems.