| VID |
12061 |
| Severity |
20 |
| Port |
4274 |
| Protocol |
TCP |
| Class |
P2P |
| Detailed Description |
The Xedus P2P Web server is vulnerable to a denial of service attack.
Xedus is a Peer-to-Peer web server for Microsoft Windows platforms and provides you with the ability to share files, music, and any other media. The Xedus web server by default listens for incoming connections on port 4274, however this value can be edited by the administrator of the Xedus web server. Xedus version 1.0 is vulnerable to a denial of service attack. By establishing multiple connections from the same host, a remote attacker could cause the affected Web server to deny access to the hosted site for legitimate users.
* References:
http://www.securityfocus.com/archive/1/373506
http://packetstormsecurity.nl/0409-exploits/00047-08302004.txt
* Platforms Affected:
Jerod Moemeka, Xedus 1.0
Microsoft Windows Any version |
| Recommendation |
No upgrade or patch available as of November 2004.
Upgrade to the new version of Xedus, when new version fixed this problem becomes available from the Xedus Home page at http://www.thinxoft.com/ |
| Related URL |
CVE-2004-1644,CVE-2004-1645,CVE-2004-1646 (CVE) |
| Related URL |
11071 (SecurityFocus) |
| Related URL |
17165 (ISS) |
|
