In association with heise online

27 May 2008, 12:17

Effects of vulnerability in eMule Plus still unclear

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

After eDonkey, eMule is one of the most popular clients for peer-to-peer networks. Users can tweak the clients and improve download rates using "mods". But now the developers say they have discovered a security vulnerability.

The developers have not released a security advisory. Instead, the change log merely states that the current version patches a flaw in the processing of the staticservers.dat file. This file stores a user-extensible list of servers that are constantly reachable online and therefore provide easy access to the eDonkey network.

Computers in the eDonkey network act as both client and server while online. In contrast to such clients, which temporarily act as servers, permanently available nodes constitute the backbone of the eDonkey network, so when they are switched off the consequences can be severe. The vulnerability affects the current version 1.2d of eMule Plus. Users of the software are advised to download and install the latest version as soon as possible.

See also:

  • Change log, overview of the changes in eMule Plus 1.2d
  • Homepage where you can download eMule Plus 1.2d

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-735303
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit