Vulnerable: Conference Room Professional-Developer Edititon.

[Murat - 2 <murat () agguvenligi com>]

Vulnerable: Conference Room Professional-Developer Edititon. (www.webmaster.com)
Only tested on Windows NT 4.0 sp6a and Windows 2000 pro.

Conference Room 1.8.1x or older versions are subject to a DoS attack when
following commands are used.

Make to connections to the irc server second being the clone of other. On
second connection (clone)
type "/ns buddy on".
on first connection type "/ns buddy add <clone client nickname>".
on clone type "/ns auth accept 1"
and the services crashes.
Since conference room saves databases at 15min intervals, everything done in
this period will be deleted.
Services cannot connect automatically to the server.
Only a "/servstart" issued by an ircop or admin will return the services to
normal functionality and connect to server.
------------------------------------------------------------------------------------
If your irc server using Conference Room 1.8.2x
"/ns buddy on" can't run, cuz professional edt. can't support "buddy" command.
Register it one channel, and type it commands "/ns set authorize chanlists on",
"/cs aop <#ChannelName> add <NickName>", "/ns auth accept 1".
and the services crashes.
Since conference room saves databases at 15min intervals, everything done in
this period will be deleted.
Services cannot connect automatically to the server.
Only a "/servstart" issued by an ircop or admin will return the services to
normal functionality and connect to server.

This vulnerability does not work on Conference Room Enterprise Edition.


www.agguvenligi.com

Attachment: ACCOUNT.VCF
Description: