Overnet is running on the system (Overnet_Search)

About this signature or vulnerability

Proventia Network IPS, Proventia Server IPS for Linux technology, Proventia-G 1.1 and earlier, Proventia Desktop, Proventia Network MFS, RealSecure Network, Proventia Server IPS for Microsoft Windows technology, BlackICE Agent for Server, BlackICE PC Protection, BlackICE Server Protection, RealSecure Server Sensor:

This signature detects an Overnet node searching for file shares.

Default risk level

Low risk vulnerability Low

Sensors that have this signature

Proventia Network IPS: 2.0, Proventia Server IPS for Linux technology: 1.0, Proventia-G 1.1 and earlier: XPU 22.3, Proventia Desktop: 8.0.614.1, Proventia Network MFS: XPU 1.1, RealSecure Network: XPU 22.3, Proventia Server IPS for Microsoft Windows technology: 1.0.914.0, BlackICE Agent for Server: 3.6eof, BlackICE PC Protection: 3.6cpa, BlackICE Server Protection: 3.6.cpa, RealSecure Network: XPU 5.22, RealSecure Server Sensor: XPU 22.3

Systems affected

Overnet Overnet, Microsoft Windows, Linux Linux, Apple Mac OS: 10.x

Type

Protocol Signature

Vulnerability description

Overnet is file sharing software for Microsoft Windows, Mac OS X, and Linux-based operating systems. The remote server is running as an Overnet peer-to-peer (P2P) client.

How to remove this vulnerability

If peer-to-peer file sharing is not allowed at your organization, Overnet should be uninstalled.

References

Overnet Web site
eDonkey2000 - Overnet
http://www.overnet.com/

ISS X-Force
Overnet is running on the system
http://www.iss.net/security_center/static/13370.php