Denial Of Service in ChatterBox 2.0

From: Donato Ferrante (fdonato_at_autistici.org)
Date: 01/30/04

Next message: Daniele Orlandi: "Re: RFC: virus handling"

Previous message: Vietnamese Security Group: "BUG IN APACHE HTTPD SERVER (current version 2.0.47)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <bugtraq@securityfocus.com>
Date: Fri, 30 Jan 2004 14:44:09 +0100

Donato Ferrante

Application: ChatterBox
http://www.urbancities.net/burton/

Version: 2.0

Bug: Denial Of Service

Author: Donato Ferrante
e-mail: fdonato@autistici.org
web: www.autistici.org/fdonato

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"ChatterBox is a multiple client, single server graphical chat
program written in Java using Swing. Some basic features include
sending private messages, kicking users (server only), and obtaining
IP information on users (server only). It runs on any operating system
supporting Java 1.3."

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

ChatterBox is not able to manage irregular requests in fact it
will crash.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability simply send to the chat server a string like:

"aaaaaa"

and the chat server will go down.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted.
Bug will be probably fixed in the next version of ChatterBox,
so go on the ChatterBox's official website:
http://www.urbancities.net/burton/ and check for a new version.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Next message: Daniele Orlandi: "Re: RFC: virus handling"

Previous message: Vietnamese Security Group: "BUG IN APACHE HTTPD SERVER (current version 2.0.47)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Need for Speed Hot pursuit 2 <= 242 clients buffer overflow
... Bug ... Fix ... long string in the informations replied by the server. ... the clients automatically request informations to the ...
(Bugtraq)
[Full-disclosure] Format string bug in Skulltag 0.96f
... Bug ... Fix ... The server is affected by a format string vulnerability exploitable ... The exploitation happens "outside" the server so there are no banning ...
(Full-Disclosure)
[Full-Disclosure] Crash in Lords of the Realm III 1.01
... Exploitation: remote, versus server ... Bug ... Fix ...
(Full-Disclosure)
[Full-Disclosure] Format string bug in Army Men RTS
... Bug ... Fix ... Army Men RTS is a real-time strategy game developed by Pandemic Studios ... The game server is affected by a format string bug in the name of the ...
(Full-Disclosure)
Format string bug in Army Men RTS
... Bug ... Fix ... Army Men RTS is a real-time strategy game developed by Pandemic Studios ... The game server is affected by a format string bug in the name of the ...
(Full-Disclosure)

www.derkeiler.com > Mailing-Lists > securityfocus > bugtraq > 2004-02