Handler on Duty: Johannes Ullrich
Threat Level: green
Loading...
|
|
Submitted By | Date |
---|---|
Comment | |
Ulrich Weber | 2009-10-04 18:45:22 |
Meanwhile, port 4662 TCP has raised to the most probed one in my FW-Logs so that I've decided not to log it anymore because the log's getting too huge in a short time. The frequency of scans for port 4662 TCP seems to be strongly depending on the IP adress I got. I observed that ending the connection and establishing it again only a few seconds later getting a new IP will sometimes also end the scans. So I think these scans are coming from edonkey clients looking for a "died" server they knew before? | |
Rémi Denis-Courmont | 2009-10-04 18:45:22 |
Stefan Esser found a remote "double free"-like vulnerability, which he reports to be remotely exploitable, on the following open-source eDonkey-compatible clients: eMule (Windows) and its ports to Unix platforms, xMule and Lmule. The original advisory may be found here: http://security.e-matters.de/advisories/022003.html | |
Chris Dickens | 2004-01-15 23:03:48 |
The eMule software was recently featured in a television program known as The Screen Savers on TechTV. The increased activity might be attributed to a sudden influx of new users to this Peer-To-Peer network. | |
Johannes Ullrich | 2003-01-28 19:00:13 |
This port is frequently used by P2P file sharing applications. If you are using a dynamic IP address, you are likely hit on this port by P2P afterglow. This afterglow is caused by prior use of your IP address for P2P file sharing, as the original P2P host has now disconnected, the peers it talked to still try to connect back. | |
Bob A. Schelfhout Aubertijn | 2002-11-29 17:57:35 |
Kurt Seifried, explains on his page http://www.seifried.org/security/ports/4000/4662.html that Port 4662 is used by Edonkey2000. It is a peer to peer file sharing service similar to Kazaa or Napster. Í have seen probes for 4662 in my logs but in the EU it is not that common, to the best of my knowledge. Give Kurt credit for the details. ;-) |
CVE # | Description |
---|