Info

Disclosure

Jan 13, 2006

Discovery

Unknown

Dates

Exploit

Jan 13, 2006

Solution

Unknown

Description

123 Flash Chat Server contains a flaw that allows a remote attacker to write to files outside of the web path. The issue is due to the server not properly sanitizing user input when creating new users, specifically traversal style attacks (../../) supplied via the "user" variable. This flaw may allow a malicious user to gain access to unauthorized privileges and files.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 5.1_2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

TopCMM Computing Inc.

123 Flash Chat Server

5.1

References

Bugtraq ID: 16235
Secunia Advisory ID: 18455
CVE ID: 2006-0223 (see also: NVD)
VUPEN Advisory: ADV-2006-0198
Keyword: CLD-49053
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0254.html
Vendor Specific News/Changelog Entry: http://www.123flashchat.com/flash-chat-server-v512.html

Credit

Jesus Olmos Gonzalez - advisoriesisecauditors.com - Internet Security Auditors, S.L.

Direct URL: http://osvdb.org/22440