Chatness Multiple Remote Vulnerabilities
BID:23469
Info
Chatness Multiple Remote Vulnerabilities
| Bugtraq ID: | 23469 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2007 12:00AM |
| Updated: | Apr 13 2007 05:42PM |
| Credit: | Gammarays is credited with discovering this vulnerability. |
| Vulnerable: |
Chatness Chatness 2.5.3 |
| Not Vulnerable: | |
Discussion
Chatness Multiple Remote Vulnerabilities
Chatness is prone to multiple remote vulnerabilities, including an information-disclosure issue and an arbitrary-file-overwrite issue.
An attacker can exploit these issues to gain administrative access to the affected application, to overwrite arbitrary HTML files, and to execute arbitrary code with the privileges of the webserver process.
These issues affect Chatness 2.5.3 and prior versions.
Chatness is prone to multiple remote vulnerabilities, including an information-disclosure issue and an arbitrary-file-overwrite issue.
An attacker can exploit these issues to gain administrative access to the affected application, to overwrite arbitrary HTML files, and to execute arbitrary code with the privileges of the webserver process.
These issues affect Chatness 2.5.3 and prior versions.
Exploit / POC
Chatness Multiple Remote Vulnerabilities
Attackers can use a browser to exploit these issues.
The following exploit code is available.
Attackers can use a browser to exploit these issues.
The following exploit code is available.
Solution / Fix
Chatness Multiple Remote Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Chatness Multiple Remote Vulnerabilities
References:
References: