Title: eMule Remote Buffer Overflow Vulnerability
Severity: HIGH
Description:
eMule is a freely available, open source peer-to-peer file sharing application. eMule uses the eDonkey file sharing protocol. It is available for the BSD, Linux, Microsoft Windows operating systems. eMule includes an IRC module and Web Server that allows for remote access to those services.
eMule is prone to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly validate buffer boundaries during memory copy operations.
The problem presents itself when user supplied data is provided to the application via the IRC module or the Web Server. The affected features employ the 'DecodeBase16' function to use a temporary buffer to translate hexadecimal network data into an application specific format. Bound checking on this operation is nonexistent, facilitating a buffer overflow vulnerability.
Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system within the security context of the user running the vulnerable process.
This issue has been reported to affect version 0.42d of the affected software. It is quite likely however that earlier versions are affected as well.
Affected Products:
- Emule Emule 0.42.0d
References:
- eMule: eMule Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
