lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040827173751.D0E7724423@chernobyl.investici.org> Date: Fri, 27 Aug 2004 17:37:51 -0000 From: "Donato Ferrante" <fdonato@...istici.org> To: <bugtraq@...urityfocus.com> Subject: DoS in Chat Anywhere 2.72a Donato Ferrante Application: Chat Anywhere http://www.lionmax.com/chatanywhere.htm Version: 2.72a Bug: Denial Of Service Date: 27-Aug-2004 Authors: Donato Ferrante e-mail: fdonato@...istici.org web: www.autistici.org/fdonato Luigi Auriemma e-mail: aluigi@...istici.org web: aluigi.altervista.org xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2. The bug 3. The code 4. The fix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ---------------- 1. Description: ---------------- Chat Anywhere is a Web-based chat server for real-time chatting. xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------ 2. The bug: ------------ The chat server is unable to manage fake users. So an attacker can crash the chat server and also consume a lot of CPU resources to all the real clients connected, by using fake users. xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------- 3. The code: ------------- To test the vulnerability: http://www.autistici.org/fdonato/poc/ChatAnywhere[272a]DoS-poc.zip or: http://aluigi.altervista.org/poc/chatanydos.zip xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------ 4. The fix: ------------ The bug was initially found on 4 Dec 2003 in the version 2.72, and reported to the vendor by Luigi Auriemma, but the vendor probably forgot to fix it. So the vendor was contacted for the same bug in the next version 2.72a, and now the vendor is planning to fix the bug in the next release. In the meantime vendor recommends to add password protection to protect the chat room. xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Powered by blists - more mailing lists