Penetration Testing mailing list archives

RE: Port 4662 exploitation


From: "Erin Carroll" <amoeba () amoebazone com>
Date: Fri, 12 Dec 2008 18:31:13 -0800

List members,

Please bear in mind that we all had to start somewhere. I let posts through
to the list that are obviously from people of different skill levels and
backgrounds on purpose, to foster learning and information sharing. Replies
which denigrate or otherwise amount to "STFU N00b!" will not be tolerated
and obviously don't make it past moderation. Disagreements over technical
aspects or processes are fine, even encouraged. However, personal attacks,
flames, or snide remarks will make your moderator grumpy and, like some kind
of retarded Hulk, "You won't like it when I'm grumpy."

We all were Mohamad at one point in time. Maybe he took on a project
because he showed interest and wanted to learn or just got stuck with
something outside his area of expertise. Regardless, please show some
courtesy and act like decent human beings and professionals.

/rant

--
Erin Carroll
Moderator, SecurityFocus pen-test mailing list
"I cannot brain today, I have the dumb"



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of ArcSighter Elite
Sent: Friday, December 12, 2008 1:43 PM
To: Mohamad M
Cc: pen-test () securityfocus com
Subject: Re: Port 4662 exploitation

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mohamad M wrote:
Hello All,

I'm doing a vulnerability assessment for my company, and saw that port 4662
(edonkey) is open on 1 device facing the internet. I telneted to 4662, and I
got connected; since I'm new to this domain, what are the steps needed in
order to exploit this vulnerability?

Thanks,

./Lgpmsec


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------



An open port is never a vulnerability, unless the running service that
binds to that port is actually vulnerable. Which makes me ask: have you
actually done a service fingerprint to determine that it is e-donkey? Because
that looks pretty weird to me.

Sincerely.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJQtqjH+KgkfcIQ8cRAgNoAJ9UwNxQVPYRoiiTFR+RodSlMKSnKQCg6pfX
66R/06sfIeFD5pxulEsjxyM=
=cYuf
-----END PGP SIGNATURE-----
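
The fingerprinting step the reply asks about, as an added example that is not part of the original thread: it classifies the first bytes a listener returned instead of trusting the port number. The ed2k header layout and protocol bytes are assumptions taken from public eDonkey/eMule protocol documentation; the port table and sample captures are constructed.

```python
import struct

# Conventional port assignments are only a hint (constructed table).
PORT_HINTS = {22: "ssh", 80: "http", 4662: "ed2k"}

# Assumed ed2k framing, per public eDonkey/eMule protocol documentation:
# 1 protocol byte, 4-byte little-endian length (opcode + payload), 1 opcode byte.
ED2K_PROTOCOL_BYTES = {0xE3, 0xC5, 0xD4}
MAX_FRAME = 2_000_000  # sanity bound chosen for this example


def is_ed2k_frame(data: bytes) -> bool:
    """True if data starts with a plausible ed2k frame header."""
    if len(data) < 6:
        return False
    proto, length, _opcode = struct.unpack_from("<BIB", data)
    # The length field counts the opcode, so a real frame has length >= 1.
    return proto in ED2K_PROTOCOL_BYTES and 1 <= length <= MAX_FRAME


def classify(data: bytes) -> str:
    """Name the protocol suggested by the first bytes a listener sent."""
    if data.startswith(b"SSH-"):
        return "ssh"
    if data.startswith(b"HTTP/"):
        return "http"
    if is_ed2k_frame(data):
        return "ed2k"
    return "unknown"


def triage(port: int, data: bytes) -> dict:
    """Compare what the port number suggests with what the service said."""
    expected = PORT_HINTS.get(port, "unknown")
    observed = classify(data)
    return {"port": port, "expected": expected, "observed": observed,
            "confirmed": observed != "unknown" and observed == expected}


# Constructed sample captures (not taken from the thread).
ED2K_REPLY = struct.pack("<BIB", 0xE3, 5, 0x4C) + b"\x00" * 4
SSH_BANNER = b"SSH-2.0-OpenSSH_5.1\r\n"

if __name__ == "__main__":
    for sample in (ED2K_REPLY, SSH_BANNER, b""):
        print(triage(4662, sample))
```

A result with `confirmed` set to false means the service still has to be identified before any finding is written up against it.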
