Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

DC++ < 0.674 File Content Manipulation

Medium

Synopsis

The remote host may be tricked into running an executable file.

Description

The remote host is running DC++, an open source peer-to-peer client. The remote host is reported to be prone to a vulnerability where attackers can append data to file transfers. The details of this flaw are, at the time, undocumented. It is believed that a successful attack would result in arbitrary code being run on the client machine (after a download is complete).

Solution

Upgrade to version 0.674 or higher.