[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
DoS in LANChat Pro Revival 1.666c
- To: <bugtraq@xxxxxxxxxxxxxxxxx>, <vuln@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>, <bugs@xxxxxxxxxxxxxxxxxxx>, <news@xxxxxxxxxxxxxx>
- Subject: DoS in LANChat Pro Revival 1.666c
- From: "Donato Ferrante" <fdonato@xxxxxxxxxxxxx>
- Date: Thu, 3 Feb 2005 15:07:02 -0000
Donato Ferrante
Application: LANChat Pro Revival
http://lanchat.republika.pl/
Version: 1.666c
Bug: Denial Of Service
Date: 03-Feb-2005
Author: Donato Ferrante
e-mail: fdonato@xxxxxxxxxxxxx
web: www.autistici.org/fdonato
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Description
2. The bug
3. The code
4. The fix
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
----------------
1. Description:
----------------
Vendor's Description:
"LANChat Pro is a local area network chat program with multicolor,
custom skins and sounds support, WAN operation and file transfer
and many other options."
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
2. The bug:
------------
The program is unable to manage malformed data into udp packet, in fact
it crashes.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
3. The code:
-------------
To test the vulnerability:
http://www.autistici.org/fdonato/poc/LANChatPR[1666c]DoS-poc.zip
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
4. The fix:
------------
No fix.
LANChat Pro Revival is no longer supported.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx