CVE-2015-5685 Information

Description

The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet related to \improper indexing.\

Reference

http://www.zerodayinitiative.com/advisories/ZDI-15-366/ http://www.zerodayinitiative.com/advisories/ZDI-15-367/ https://github.com/bittorrent/bootstrap-dht/commit/e809ea80e3527e32c40756eddd8b2ae44bc3af1a