{"vuid":"VU#315227","idnumber":"315227","name":"KaZaA Media Desktop discloses username to remote users","keywords":["Morpheus","KaZaA","disclose username","port 1214/tcp"],"overview":"The usernames disclosed by the KaZaA Media Desktop peer-to-peer file sharing application do not present a security vulnerability.","clean_desc":"The KaZaA Media Desktop is a peer-to-peer file sharing application that allows users to search for and download files from other KaZaA users. This product allegedly contains a security vulnerability that allows remote users to obtain the KaZaA username of other users by establishing a telnet connection to port 1214 of a machine running KaZaA. After researching this application to learn more about its operation, the CERT/CC believes that this transmission of username information is both intentional and entirely benign.","impact":"The usernames disclosed by this application do not present a security vulnerability.","resolution":"Users who do not wish to share username information with other users should refrain from using peer-to-peer utilities.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Jeffrey P. Lanza.","public":["http://www.kazaa.com/","http://securitytracker.com/alerts/2001/Sep/1002311.html","http://securitytracker.com/alerts/2001/Aug/1002299.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-09-14T17:44:54Z","publicdate":"2001-08-29T00:00:00Z","datefirstpublished":"2003-10-30T22:11:21Z","dateupdated":"2003-10-30T22:11:39Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"1","cam_impact":"0","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.0,"vulnote":null}