Edonkey is present on the system (Edonkey_Connect)

About this signature or vulnerability

Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Desktop, Proventia Server IPS for Linux technology, Proventia Network IPS, Proventia Server IPS for Microsoft Windows technology, BlackICE Agent for Server, BlackICE PC Protection, BlackICE Server Protection, RealSecure Network, RealSecure Server Sensor:

This signature detects a connection between a edonkey client and a edonkey server.

Default risk level

Low risk vulnerability Low

Sensors that have this signature

Proventia Network MFS: XPU 1.18, Proventia-G 1.1 and earlier: XPU 22.21, Proventia Desktop: 8.0.614.1, Proventia Server IPS for Linux technology: 1.0, Proventia Network IPS: 2.0, Proventia Server IPS for Microsoft Windows technology: 1.0.914.0, BlackICE Agent for Server: 3.6eof, BlackICE PC Protection: 3.6cpa, BlackICE Server Protection: 3.6.cpa, RealSecure Network: XPU 22.21, RealSecure Server Sensor: XPU 22.21

Systems affected

Microsoft Windows NT: 4.0, Microsoft Windows 98, Linux Linux, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows Me, Apple Mac OS: 10.2 and later

Type

Suspicious Activity

Vulnerability description

The Edonkey application is installed on a system. Edonkey is an application that helps users locate, upload, and download files over the Internet.

How to remove this vulnerability

If use of the Edonkey application is not in compliance with your system policy, consider uninstalling the Edonkey application. It may be helpful to remind users of your system policy regarding the use of Edonkey or similar applications.

References

Edonkey Web site
Edonkey
http://www.edonkey2000.com

ISS X-Force
Edonkey is present on the system
http://www.iss.net/security_center/static/10627.php