SecurityTracker.com
SecurityTracker Archives
Category:  Application (Instant Messaging/IRC/Chat)  >  Easy Chat Server
Vendors:  EFS Software Inc.
Easy Chat Server '../' Input Validation Hole Discloses Files to Remote Users
SecurityTracker Alert ID:  1010630
SecurityTracker URL:  http://securitytracker.com/id?1010630
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Jul 1 2004
Impact:  Disclosure of system information, Disclosure of user information
Exploit Included:  Yes  
Version(s): 1.2
Description:  A directory traversal vulnerability was reported in Easy Chat Server. A remote user can view files that are located outside of the chat directory.

Dr_insane reported that the chat service does not properly validate user-supplied input. A remote user can reportedly submit a request containing '../' directory traversal characters to view arbitrary files on the target system with the privileges of the chat service.

A demonstration exploit path is provided:

/../../boot.ini
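The input validation the advisory says is missing is a containment check on the requested path. The following added example (not code from Easy Chat Server or from the advisory) shows one way to perform that check, plus a small scan over constructed access-log lines to spot requests that would have escaped the document root; the root directory and log lines are assumed, since the page does not give them.

```python
import os
import re
from urllib.parse import unquote

# Constructed document root for this example; the page does not name the
# directory Easy Chat Server serves files from.
WEB_ROOT = "/srv/easychat/www"


def resolve_request_path(web_root, request_path):
    """Map a URL path to a file under web_root, or return None if the
    request would escape web_root (the '../' case described above).

    Percent-decoding happens first so '%2e%2e/' is handled like '../',
    and backslashes count as separators because Windows accepts both.
    """
    decoded = unquote(request_path).replace("\\", "/")
    root = os.path.abspath(web_root)
    candidate = os.path.normpath(os.path.join(root, decoded.lstrip("/")))
    # Containment check on the normalised absolute path: anything that is
    # not the root itself or strictly below it is rejected.
    if candidate != root and not candidate.startswith(root + os.sep):
        return None
    return candidate


# Minimal common-log-format pattern: only the request target is needed.
LOG_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def find_traversal_requests(log_lines, web_root=WEB_ROOT):
    """Return the request paths in log_lines that escape web_root."""
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if m and resolve_request_path(web_root, m.group(1)) is None:
            hits.append(m.group(1))
    return hits


# Constructed sample log lines (not taken from the page or the advisory).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jul/2004:10:41:30 -0400] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jul/2004:10:42:01 -0400] "GET /../../boot.ini HTTP/1.1" 200 327',
    '10.0.0.9 - - [01/Jul/2004:10:42:05 -0400] "GET /%2e%2e/%2e%2e/boot.ini HTTP/1.1" 200 327',
    '10.0.0.5 - - [01/Jul/2004:10:43:11 -0400] "GET /css/../style.css HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for path in find_traversal_requests(SAMPLE_LOG):
        print("traversal attempt:", path)
```

Note that `/css/../style.css` is accepted: the check is on where the normalised path ends up, not on the mere presence of `..`, so legitimate relative references inside the root are not blocked.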

The original advisory is available at:

http://members.lycos.co.uk/r34ct/main/Easy_chat_server.txt

Impact:  A remote user can view arbitrary files on the target system with the privileges of the chat service.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.echatserver.com/
Cause:  Input validation error
Underlying OS:  Windows (Any)

Message History:   None.


Source Message Contents

Date:  Thu, 01 Jul 2004 10:41:30 -0400
Subject:  http://members.lycos.co.uk/r34ct/main/Easy_chat_server.txt

 

http://members.lycos.co.uk/r34ct/main/Easy_chat_server.txt

+++ Easy chat server 1.2 Directory traversal +++



Release Date:
June 30 , 2004

Severity:
Medium

Systems Affected:
Microsoft Windows NT 4.0 (all versions)
Microsoft Windows 2000 (SP3 and earlier)
Microsoft Windows XP (all versions)
Windows 9x


Description:
Easy Chat Server is an easy, fast and affordable way to host and manage your own real-time communication software; it allows friends/colleagues to chat with you through a Web Browser (IE, Netscape, Opera etc.) on any computer (Windows, Linux, Solaris...) without any special plug-ins or software. It can help you set up your community chat rooms, collaborative work sessions or online meetings.

A simple Directory traversal problem has been identified in Easy chat server 1.2 that may allow a remote user to read files outside the WWW directory.

Example: /../../boot.ini


Workaround:
Use another product.

Pr00f of concept code:
sorry, nothing at the moment but some pr00f of concept exploit may emerge soon.



Credit:
Dr_insane
Http://members.lycos.co.uk/r34ct/


Feedback
Please send your comments to: dr_insane@pathfinder.gr



Copyright 2004, SecurityGlobal.net LLC