EMule Plus Web Server Detection Network Vulnerability

Summary

eMule Web Server works on this port. Some versions of this P2P client are vulnerable to a DecodeBase16 buffer overflow which would allow an attacker to execute arbitrary code. Thanks to Kostya Kortchinsky for his posting to bugtraq. Known Vulnerable clients: eMule 0.42a-d eMule 0.30e eMulePlus <1k * Note: This script only checks if port 4711 is open and if it reports banner which contains string eMule. *

Solution

disable eMule Web Server or upgrade to a bug-fixed version (eMule 0.42e, eMulePlus 1k or later)

References

http://security.nnov.ru/search/news.asp?binid=3572

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-1892
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ICQ is installed
eMule Plus Web Server detection
Kazaa is installed
Kazaa / Morpheus Client Detection

Take action and discover your vulnerabilities