Easy Chat Server Authentication Request Buffer Overflow
Added: 08/03/2009Background
Easy Chat Server is a web-based chat server for Microsoft Windows.Problem
The server is vulnerable to a remote buffer-overflow attack which can be triggered by sending a specially crafted password parameter to chat.ghp.Resolution
Easy Chat Server 2.2 and earlier are vulnerable. Contact the vendor at support@echatserver.com for information on when a fix will be available.References
http://milw0rm.com/exploits/8142http://securitytracker.com/alerts/2009/Mar/1021785.html
Limitations
Exploit works on Easy Chat Server 2.2 on Windows 2000 and Windows 2003.Platforms
WindowsBack to exploit index