Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0552

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0552
Last Modified 05 Sep 2008 04:28:19
Published 03 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0552

Summary

Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.

Vulnerable Systems

Application

  • Melange Chat System 2.0.2 Beta 2


References

XF - melange-chat-config-bo(8845)

BID - 4510

BID - 4509

BID - 4508

XF - melange-chat-filename-bo(8846)

XF - melange-chat-yell-bo(8842)

BUGTRAQ - 20020416 Melange Chat POC DOS

BUGTRAQ - 20020414 Vulnerabilities in the Melange Chat Server


Last Updated: 27 May 2016 10:36:58