Xedus XSS Network Vulnerability

Summary

The remote host runs Xedus Peer to Peer webserver. This version is vulnerable to cross-site scripting attacks. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution

Upgrade to the latest version and remove .x files located in ./sampledocs folder

Severity

Classification

CVE CVE-2004-1645
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Lime Wire Multiple Remote Unauthorized Access
Xedus directory traversal
MLdonkey HTTP Request Arbitrary File Download Vulnerability
Detect the presence of Napster
eDonkey/eMule detection

Take action and discover your vulnerabilities