CVE-2004-2466 Information

Description

chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-07/0013.html http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0077.html http://secunia.com/advisories/12006 http://secunia.com/advisories/26461 http://secunia.com/advisories/58427 http://www.autistici.org/fdonato/advisory/EasyChatServer1.2-adv.txt http://www.exploit-db.com/exploits/33326 http://www.osvdb.org/7416 http://www.securityfocus.com/bid/25328 http://www.securityfocus.com/bid/67384 http://www.vupen.com/english/advisories/2007/2901 https://exchange.xforce.ibmcloud.com/vulnerabilities/16629 https://exchange.xforce.ibmcloud.com/vulnerabilities/36013 https://www.exploit-db.com/exploits/4289