1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. TCP Net Transport eDonkey Stack BO

TCP Net Transport eDonkey Stack BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detect arbitrary code execution in Net Transport eDonkey protocol.

Additional Information

Net Transport is a downloading manager.

The application is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Specifically, this issue occurs when processing specially crafted eDonkey 'OP_LOGINREQUEST' packets sent to the ed2k port of an affected computer.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Net Transport 2.90.510 is vulnerable; other versions may also be affected.

Affected

  • Net Transport 2.90.510

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube