Xi Software Net Transport eDonkey Protocol Buffer Overflow

2010-02-22T00:00:00
ID SAINT:7447B9325D33F2478D3AEAC0369AC4B4
Type saint
Reporter SAINT Corporation
Modified 2010-02-22T00:00:00

Description

Added: 02/22/2010
OSVDB: 61435

Background

Net Transport, also known as NetXfer, is a download manager for Windows made by Xi Software. Among the protocols Net Transport can handle is eDonkey, a decentrailized peer to peer network for file sharing.

Problem

The Net Transport download manager fails to properly sanitize user input from the eDonkey network, specifically in processing eDonkey **OP_LOGINREQUEST** packets. A successful attacker sending a specially crafted packet could cause a stack buffer overflow and execute arbitrary code.

Resolution

Restrict access to the port used for eDonkey. Upgrade to a newer version of Net Transport that contains a fix.

References

<http://secunia.com/advisories/38028/>

Limitations

Exploit runs on Xi Software Net Transport 2.90.510.
The eDonkey service port must be known by the attacker. By default, the application uses a random port.
The exploit may take a longer time to establish a shell connection.

Platforms

Windows