OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: neme-dhchushmail.com
Date: Fri May 25 2001 - 08:07:32 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ Advisory for Freestyle Chat server ]
     [ Freestyle Chat server is made by Faust Informatics ]
     [ Site: http://www.faust-net.de ]
     [ by nemesystm of the DHC ]
     [ (http://dhcorp.cjb.net - neme-dhchushmail.com) ]
     [ ADV-0124 ]

    /-|=[explanation]=|-\
    Freestyle Chat server is http chat environment. It is
    vulnerable to a variation of the dot dot bug. Freestyle
    also suffers from a device name denial of service.

    /-|=[who is vulnerable]=|-\
    Freestyle Chat server 3.73
    was tested and is vulnerable.
    The creator of Freestyle Chat server has verified that
    every version prior to 4.1 SR3 is vulnerable.
    4.1 SR3 was released because of this vulnerability.

    /-|=[testing it]=|-\
    By requesting
    http://www.server.com/.../.../scandisk.log
    http://www.server.com/..../scandisk.log
    one can grab any file they want. Naturally variations
    on the examples above are also possible.

    By requesting
    http://www.server.com/aux
    one can crash the server.
    This is not a problem in Windows 2000, only in Windows
    ME/98.

    /-|=[fix]=|-\
    Download Freestyle Chat server 4.1 SR3. If upgrading is
    not an option for some reason, a patch is also
    available on the Faust Informatics website.
    Free, encrypted, secure Web-based email at www.hushmail.com