ChatterBox Invalid Request Handling DoS

2004-01-30T07:54:49
ID OSVDB:3798
Type osvdb
Reporter OSVDB
Modified 2004-01-30T07:54:49

Description

Vulnerability Description

Chatterbox contains a flaw that may allow a remote denial of service. The issue is triggered when an invalid request is sent to the server, and will result in loss of availability for the service.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Chatterbox contains a flaw that may allow a remote denial of service. The issue is triggered when an invalid request is sent to the server, and will result in loss of availability for the service.

Manual Testing Notes

To test the vulnerability simply send to the chat server a string like:

"aaaaaa"

and the chat server will go down.

References:

Vendor URL: http://www.urbancities.net/burton/ Secunia Advisory ID:10775 Other Advisory URL: http://www.autistici.org/fdonato/advisory/ChatterBox2.0-adv.txt Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2004-02/0041.html ISS X-Force ID: 15011 CVE-2004-2342 Bugtraq ID: 9532