Visualizza versione completa : eMule Plus W. Server detection DecodeBase16 buffer overflow

09-05-2004, 15.35.57
Test ID: 12233 View Source
Category: Peer-To-Peer File Sharing
Title: eMule Plus Web Server detection
Summary: Detect eMule Web Server
eMule Web Server works on this port. Some versions of this P2P client
are vulnerable to a DecodeBase16 buffer overflow which would allow an
attacker to execute arbitrary code.

Thanks to Kostya Kortchinsky for his posting to bugtraq.

Known Vulnerable clients:
eMule 0.42a-d
eMule 0.30e
eMulePlus <1k

See also : http://security.nnov.ru/search/news.asp?binid=3572

* Note: This script only checks if port 4711 is open and if
it reports banner which contains string eMule. *

Solution: disable eMule Web Server or upgrade to a bug-fixed version
(eMule 0.42e, eMulePlus 1k or later)

Risk factor : High
Cross-Ref: BugTraq ID: 10039

Fonte: http://www.securityspace.com/smysecure/last30.html