eMule <= 0.46b is vulnerable - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Security discussions
eMule <= 0.46b is vulnerable

Mark Forums Read

Security discussions Discuss about the computer security in general

eMule <= 0.46b is vulnerable

This is a discussion on "eMule <= 0.46b is vulnerable" within the Security discussions part of the Computer Security: Discussions section; according to Kotik http://www.frsirt.com/bulletins/1663 There is a remote buffer overflow in it , this can be huge because most eMule versions onlines are outdated....

Reply

#1 (permalink)

Old

27-07-05

class101 is offline

Administrator

Join Date: May 2005

Location: France

Age: 31

Posts: 582

Thanks: 14

Thanked 12 Times in 11 Posts

Rep Power: 10

class101 has disabled reputation

Send a message via MSN to class101

Default

eMule <= 0.46b is vulnerable

according to Kotik

http://www.frsirt.com/bulletins/1663

There is a remote buffer overflow in it , this can be huge because most eMule versions onlines are outdated.

__________________

Reply With Quote

Sponsor

Advertiser

#2 (permalink)

Old

28-07-05

touk

Guest

Posts: n/a

Default

this can be huge not only because most eMule versions onlines are outdated but also because the vulnerability is in the Zlib (<= 1.22) in the file inftrees.c. And Zlib is used with Linux/windows and in such application as Windows Messenger, DirectX, FrontPage, Internet Explorer, Office...

Reply With Quote

#3 (permalink)

Old

28-07-05

class101 is offline

Administrator

Join Date: May 2005

Location: France

Age: 31

Posts: 582

Thanks: 14

Thanked 12 Times in 11 Posts

Rep Power: 10

class101 has disabled reputation

Send a message via MSN to class101

Default

Yep true so but I don't think the vuln is in Zlib because where is the use to rls it under the eMule application, prolly an eMule bug on how it is handling Zlib, but not a Zlib bug.

__________________

Reply With Quote

Sponsor

Advertiser

Reply

Tags
046b, emule, vulnerable

« New eEye Upcoming Advisory | ISS blame »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144