Full Disclosure mailing list archives
DoS in LANChat Pro Revival 1.666c
From: "Donato Ferrante" <fdonato () autistici org>
Date: Thu, 3 Feb 2005 15:07:02 -0000
Donato Ferrante Application: LANChat Pro Revival http://lanchat.republika.pl/ Version: 1.666c Bug: Denial Of Service Date: 03-Feb-2005 Author: Donato Ferrante e-mail: fdonato () autistici org web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2. The bug 3. The code 4. The fix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ---------------- 1. Description: ---------------- Vendor's Description: "LANChat Pro is a local area network chat program with multicolor, custom skins and sounds support, WAN operation and file transfer and many other options." xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------ 2. The bug: ------------ The program is unable to manage malformed data into udp packet, in fact it crashes. xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------- 3. The code: ------------- To test the vulnerability: http://www.autistici.org/fdonato/poc/LANChatPR[1666c]DoS-poc.zip xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ------------ 4. The fix: ------------ No fix. LANChat Pro Revival is no longer supported. xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DoS in LANChat Pro Revival 1.666c Donato Ferrante (Feb 03)