FreeChat Remote Denial Of Service Vulnerability
BID:9744
Info
FreeChat Remote Denial Of Service Vulnerability
| Bugtraq ID: | 9744 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-0329 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 25 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Disclosure of this issue is credited to "Donato Ferrante" <[email protected]>. |
| Vulnerable: |
FreeChat FreeChat 1.1.1 a FreeChat FreeChat 0.1.1 a |
| Not Vulnerable: | |
Discussion
FreeChat Remote Denial Of Service Vulnerability
It has been reported that FreeChat is prone to a remote denial of service vulnerability. The issue surrounds the servers inability to handle unexpected strings.
Successful exploitation of this issue would cause the affected server to crash, denying service to legitimate users.
It has been reported that FreeChat is prone to a remote denial of service vulnerability. The issue surrounds the servers inability to handle unexpected strings.
Successful exploitation of this issue would cause the affected server to crash, denying service to legitimate users.
Exploit / POC
FreeChat Remote Denial Of Service Vulnerability
No exploit is required to leverage this issue. The following proof of concept has been provided:
To test the vulnerability simply connect to the server (using a telnet or similar client) and send it the following string:
"aaaaa"
No exploit is required to leverage this issue. The following proof of concept has been provided:
To test the vulnerability simply connect to the server (using a telnet or similar client) and send it the following string:
"aaaaa"
Solution / Fix
FreeChat Remote Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.