eMule IRC Module / Web Server DecodeBase16 Function Remote Overflow

This script is Copyright (C) 2009-2011 Tenable Network Security, Inc.


Synopsis :

Arbitrary code may be run on this host.

Description :

According to its version, the eMule Web Server listening on this port
contains a buffer overflow vulnerability in the 'DecodeBase16'
function due to a lack of length checks on its inputs. An anonymous
remote attacker may be able to leverage this issue to execute
arbitrary code on the affected host.

See also :

http://security.nnov.ru/search/news.asp?binid=3572
http://marc.info/?l=bugtraq&m=108100987429960&w=2

Solution :

Upgrade to eMule version 0.42e or later, stop using the eMule web
server and IRC client, or uninstall eMule.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Peer-To-Peer File Sharing

Nessus Plugin ID: 42833 (eMule_http_flaws.nasl)

Bugtraq ID: 10039

CVE ID: CVE-2004-1892