Info

Disclosure

Sep 27, 2004

Discovery

Sep 27, 2004

Dates

Exploit

Sep 27, 2004

Solution

Unknown

Description

ChatMan contains a flaw that may allow a remote denial of service. The issue is triggered when an overly large data packet occurs, and will result in loss of availability for the service.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Virtual Projects	ChatMan	1.5.1
		1.5.0 RC1
		1.4.0 beta
		1.3.1 beta
		1.3.0 beta
		1.2.1 beta
		1.1.5 beta
		1.1.4 beta
		1.1.3 beta
		1.1.2 beta
		1.1.1 beta
		1.1.0 beta
		1.0.4 beta
		1.0.3 beta
		1.0.2 beta
		1.0.1 beta
		0.9.x beta

References

Security Tracker: 1011431
Bugtraq ID: 11263
Secunia Advisory ID: 12665
CVE ID: 2004-2151 (see also: NVD)
Other Advisory URL: http://aluigi.altervista.org/adv/chatmanx-adv.txt
Generic Exploit URL: http://aluigi.altervista.org/poc/chatmanx.zip
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-09/0349.html
Vendor URL: http://www.vp-soft.com/software/chatman.php

Credit

Luigi Auriemma - aluigialtervista.org - http://aluigi.altervista.org

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Virtual Projects

ChatMan

References

Credit