icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

DC++ < 0.674 File Content Manipulation

Medium

Synopsis

The remote host may be tricked into running an executable file.

Description

The remote host is running DC++, an open source peer-to-peer client. The remote host is reported to be prone to a vulnerability where attackers can append data to file transfers. The details of this flaw are, at the time, undocumented. It is believed that a successful attack would result in arbitrary code being run on the client machine (after a download is complete).

Solution

Upgrade to version 0.674 or higher.