Info

Disclosure

Jul 02, 2004

Discovery

Unknown

Dates

Exploit

Jul 02, 2004

Solution

Unknown

Description

Easy Chat Server contains a flaw that may allow a remote denial of service. The issue is triggered when a GET request is sent with a very long username, and will result in loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

EFS Software, Inc.	Easy Chat Server	1.2
		2.2

References

Secunia Advisory ID: 12006 26461
ISS X-Force ID: 16629 36013
CVE ID: 2004-2466 (see also: NVD)
Bugtraq ID: 25328
Milw0rm: 4289
Exploit Database: 4289
Related OSVDB ID: 7416 7417
Metasploit ID: 7416
VUPEN Advisory: ADV-2007-2901
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-07/0013.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0077.html
Other Advisory URL: http://www.autistici.org/fdonato/advisory/EasyChatServer1.2-adv.txt
http://www.securiteam.com/windowsntfocus/5IP0715DFA.html
Vendor URL: http://www.echatserver.com

Credit

Donato Ferrante - fdonatoautistici.org - Personal Page

Direct URL: http://osvdb.org/7416

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

EFS Software, Inc.

Easy Chat Server

References

Credit