eMule Web Interface POST Content Length DoS

2004-05-11T08:56:58
ID OSVDB:6039
Type osvdb
Reporter Rafel Ivgi(theinsider@012.net.il)
Modified 2004-05-11T08:56:58

Description

Vulnerability Description

eMule contains a flaw that may allow a remote denial of service. The issue is triggered when sending a specially crafted POST request containing a negative value in the "Content-Length:" header, and will result in loss of availability for the application.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

eMule contains a flaw that may allow a remote denial of service. The issue is triggered when sending a specially crafted POST request containing a negative value in the "Content-Length:" header, and will result in loss of availability for the application.

References:

Vendor URL: http://www.emule-project.net/ Security Tracker: 1010108 Secunia Advisory ID:11589 Other Advisory URL: http://theinsider.deep-ice.com/texts/advisory2.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0406.html