| VID |
28072 |
| Severity |
20 |
| Port |
6699 |
| Protocol |
UDP |
| Class |
P2P |
| Detailed Description |
KaZaA program has been detected as running on the system.
KaZaA Media Desktop (KMD), maintained and distributed by Sharman Networks, is a peer-to-peer (P2P) file sharing program used to share audio, video, and other media files. This P2P file sharing program may be not allowed at your organization.
In addition, KaZaA clients up to 2.0.2 are vulnerable to a denial of service attack caused by a buffer overflow. By sending a malicious response to an affected system for the automated advertisement download, a remote attacker could overflow a buffer and cause the system to crash or possibly execute code on the system.
* References:
http://archives.neohapsis.com/archives/bugtraq/2003-02/0008.html
http://www.kazaa.com/index.htm
* Platforms Affected:
Microsoft Windows Any version
Sharman Networks KaZaA Any version |
| Recommendation |
If P2P file sharing is not allowed at your organization, uninstall the KaZaA program or it can be disabled by blocking TCP port 1214 at your network perimeter. |
| Related URL |
CVE-2003-0397 (CVE) |
| Related URL |
6543,6747 (SecurityFocus) |
| Related URL |
11031,11228,13321 (ISS) |
|
