Xi Software Net Transport eDonkey Protocol Buffer Overflow
Added: 02/22/2010OSVDB: 61435
Background
Net Transport, also known as NetXfer, is a download manager for Windows made by Xi Software. Among the protocols Net Transport can handle is eDonkey, a decentrailized peer to peer network for file sharing.Problem
The Net Transport download manager fails to properly sanitize user input from the eDonkey network, specifically in processing eDonkey OP_LOGINREQUEST packets. A successful attacker sending a specially crafted packet could cause a stack buffer overflow and execute arbitrary code.Resolution
Restrict access to the port used for eDonkey. Upgrade to a newer version of Net Transport that contains a fix.References
http://secunia.com/advisories/38028/Limitations
Exploit runs on Xi Software Net Transport 2.90.510.The eDonkey service port must be known by the attacker. By default, the application uses a random port.
The exploit may take a longer time to establish a shell connection.
Platforms
WindowsBack to exploit index