[Mldonkey-bugs] [bugs #5078] Possible remote exploit?

[spiralvoice]

This mail is an automated notification from the bugs tracker
 of the project: mldonkey, a free e-Donkey client.

/**************************************************************************/
[bugs #5078] Latest Modifications:

Changes by: 
                spiralvoice <address@hidden>
'Date: 
                Tue 12/02/2003 at 20:20 (Europe/Berlin)

            What     | Removed                   | Added
---------------------------------------------------------------------------
              Status | Open                      | Closed







/**************************************************************************/
[bugs #5078] Full Item Snapshot:

URL: <http://savannah.nongnu.org/bugs/?func=detailitem&item_id=5078>
Project: mldonkey, a free e-Donkey client
Submitted by: 0
On: Fri 09/05/2003 at 16:33

Category:  eDonkey-plugin
Severity:  5 - Average
Item Group:  None
Resolution:  None
Assigned to:  None
Status:  Closed
Release:  None
Release:  2.5-3
Platform Version:  Linux i386-i686
Binaries Origin:  Downloaded from Savannah


Summary:  Possible remote exploit?

Original Submission:  09/05-15:50:51.637260  [**] [1:649:5] SHELLCODE x86 
setgid 0 [**] [Classification: A system call was detected] [Priority: 2] {TCP} 
195.83.42.130:11175 -> 217.236.88.xxx:4662



address@hidden root]# host 195.83.42.130

130.42.83.195.in-addr.arpa domain name pointer firewall.sop.cstb.fr.



Follow-up Comments
------------------


-------------------------------------------------------
Date: Sun 09/28/2003 at 15:12       By: None
You shouldn't use snort if you don't know how to decipher the output (a 
completely valid packed may have triggered this (this is called a false 
positive)).












For detailed info, follow this link:
<http://savannah.nongnu.org/bugs/?func=detailitem&item_id=5078>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/