Easy Chat Server 1.x – Multiple Denial of Service Vulnerabilities

Easy Chat Server 1.x – Multiple Denial of Service Vulnerabilities

漏洞ID 1054508 漏洞类型
发布时间 2004-07-02 更新时间 2004-07-02
图片[1]-Easy Chat Server 1.x – Multiple Denial of Service Vulnerabilities-安全小百科CVE编号 N/A
图片[2]-Easy Chat Server 1.x – Multiple Denial of Service Vulnerabilities-安全小百科CNNVD-ID N/A
漏洞平台 Multiple CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24247
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10649/info

It is reported that Easy Chat Server is susceptible to multiple denial of service vulnerabilities.

The chat software is implemented as a web server serving a chat web application to clients. The software is reported to contain two denial of service vulnerabilities. The application improperly sanitizes user supplied URI data, and cannot handle large numbers of anonymous users created in chat rooms.

An attacker with remote access to an affected instance of this application could use these vulnerabilities to crash the service, denying service to legitimate users.

An example of a long username URI:
http://www.example.com/chat.ghp?username=aaaa[ 295 of a ]aaaa&password=&room=1&sex=0

An example of creating a fake user:
http://www.example.com/chat.ghp?username=FakeUser&password=&room=1&sex=0

相关推荐: ACC’s Tigris Access Terminal Vulnerability

ACC’s Tigris Access Terminal Vulnerability 漏洞ID 1104887 漏洞类型 Access Validation Error 发布时间 1999-01-03 更新时间 1999-01-03 CVE编号 N/A CNN…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享