Thank you for your donation


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Problem: Remote control vulnerability found in Kodi :(
24th May, 2017, 10:37 AM
Post: #1
Remote control vulnerability found in Kodi :(
According to CheckPoint Security it's possible to take remote control of any machine running Kodi up to 17.1 (and other media players also...)

I've read some comments that Kodi 17.2 source is available to compile on Github and removes this vulnerability.

Any thoughts ?

:) :)
Find all posts by this user
Quote this message in a reply
24th May, 2017, 11:13 AM
Post: #2
RE: Remote control vulnerability found in Kodi :(
(24th May, 2017 10:37 AM)Exnor Wrote:  According to CheckPoint Security it's possible to take remote control of any machine running Kodi up to 17.1 (and other media players also...)

I've read some comments that Kodi 17.2 source is available to compile on Github and removes this vulnerability.

Any thoughts ?

Please be patient, 17.2 has been commited 10hrs ago Smile New version will be available ASAP
Find all posts by this user
Quote this message in a reply
25th May, 2017, 12:50 AM
Post: #3
RE: Remote control vulnerability found in Kodi :(
(24th May, 2017 11:13 AM)Nachteule Wrote:  Please be patient, 17.2 has been commited 10hrs ago Smile New version will be available ASAP

Lol i'm good. I don't use subtitles Tongue I just wanted to know if you guys knew about this issue and to spread awareness about it.

:) :)
Find all posts by this user
Quote this message in a reply
25th May, 2017, 02:07 AM
Post: #4
RE: Remote control vulnerability found in Kodi :(
I was aware of this commit, but did not know anything about remote control of any machine running Kodi up to 17.1

But anyway, 17.2 is currently build on our vps and btw, if you're using the standard addon repos, this will never happen Dodgy
Find all posts by this user
Quote this message in a reply
25th May, 2017, 08:39 AM
Post: #5
RE: Remote control vulnerability found in Kodi :(
(25th May, 2017 02:07 AM)Nachteule Wrote:  I was aware of this commit, but did not know anything about remote control of any machine running Kodi up to 17.1

But anyway, 17.2 is currently build on our vps and btw, if you're using the standard addon repos, this will never happen Dodgy

But according to Checkpoint the vulnerability is used (exploited?) by loading an external subtitle file, they even demo using opensubtitles.org.
So even without using any addon anyone might be at risk if the subs file is "tampered" right?

:) :)
Find all posts by this user
Quote this message in a reply
25th May, 2017, 11:04 PM
Post: #6
RE: Remote control vulnerability found in Kodi :(
Yeah, maybe it is possible, but they did not report that this has ever happened.

For me this article sounds more like hot air Angel

Anyway, 17.2 has been built and is available for update Smile
Find all posts by this user
Quote this message in a reply
26th May, 2017, 09:27 AM
Post: #7
RE: Remote control vulnerability found in Kodi :(
Nice Smile

Well the recent ransomware based on smb bug did not happen until the exploit was made public so... it doesn't hurt to be careful right ?
Don't want my Pi being hijack to a botnet Tongue

:) :)
Find all posts by this user
Quote this message in a reply
6th Jun, 2017, 08:12 PM
Post: #8
RE: Remote control vulnerability found in Kodi :(
(26th May, 2017 09:27 AM)Exnor Wrote:  Nice Smile

Well the recent ransomware based on smb bug did not happen until the exploit was made public so... it doesn't hurt to be careful right ?
Don't want my Pi being hijack to a botnet Tongue

Only last year, about six hundred thousand Britons found much of their personal information online for only £19, following a hack and the resulting data breach on the British telecommunications firm TalkTalk. The situation gets even worse since British travellers too aren’t spared by these digital fugitives. Learn More

https://www.purevpn.com/blog/how-to-protect-personal-information-online/
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: