The flaw has been found in both the SETI (Search for Extra Terrestrial Intelligence) client and server software. According to an advisory, the successful breach of the main server could result in the compromise of all SETI@home clients.
"Do understand that successful exploitation of the bug in the server would offer a platform from which ALL SETI@home clients can be exploited," it says.
The SETI@home project uses distributed processing to analyse radio-telescope data. The client software, in the form of a screen saver, downloads raw data collected by the telescope and scours it for intelligent signals embedded in it.
This type of number crunching is quite computationally intensive, but with around 4.3 million users, 100,000 of which are Australian, the researchers are able to make the most of the world's idle processing power. The SETI website explains the logic:
"While you are getting coffee, or having lunch or sleeping, your computer will be helping the Search for Extraterrestrial Intelligence by analyzing data specially captured by the world's largest radio telescope," it says.
Users of the software can download a patch here.
Melbourne based web designer Sean Rainey has used the SETI client for about two years.
He lightheartedly says that intelligent extraterrestrials may have used the vulnerability already in order to smudge the project's findings.
"It's clear as day," he told ZDNet Australia, "they're quite happy just being left alone".
