[prev in list] [next in list] [prev in thread] [next in thread]
List: secunia-sec-adv
Subject: [SA12398] Chat Anywhere User Flooding Denial of Service Vulnerability
From: Secunia Security Advisories <sec-adv () secunia ! com>
Date: 2004-08-31 9:49:39
Message-ID: 200408310949.i7V9nd3j010547 () secunia ! com
[Download RAW message or body]
TITLE:
Chat Anywhere User Flooding Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA12398
VERIFY ADVISORY:
http://secunia.com/advisories/12398/
CRITICAL:
Less critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
Chat Anywhere 2.x
http://secunia.com/product/3163/
DESCRIPTION:
Luigi Auriemma and Donato Ferrante have discovered a vulnerability in
Chat Anywhere, which can be exploited by malicious people to cause a
DoS (Denial of Service).
It is possible to flood a channel with fake users and thereby cause
the system to become unstable and consume a large amount of CPU
resources on client systems.
The vulnerability has been confirmed in version 2.72a. Prior versions
are reportedly also affected.
SOLUTION:
Use another product.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma and Donato Ferrante
ORIGINAL ADVISORY:
http://www.autistici.org/fdonato/advisory/ChatAnywhere2.72a-adv.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=secunia-sec-adv@progressive-comp.com
----------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic