Exploit WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
20534
Проверка EDB
  1. Пройдено
Автор
MURAT - 2
Тип уязвимости
DOS
Платформа
MULTIPLE
CVE
cve-2001-0177
Дата публикации
2001-01-10
Код:
source: https://www.securityfocus.com/bid/2178/info

WebMaster ConferenceRoom Developer Edition is a chat package which enables a large community of users to chat together. ConferenceRoom has a wide range of capabilities and a user friendly channel moderation feature.

It is possible to cause a denial of service in ConferenceRoom. By making duplicate connections and executing special server commands in both sessions, ConferenceRoom will crash and refuse any new connections. A restart of the service is required in order to gain normal functionality. 

ConferenceRoom 1.8.1:

Make to connections to the irc server second being the clone of other. On second connection (clone) type "/ns buddy on". on first connection type "/ns buddy add <clone client nickname>". on clone type "/ns auth accept 1" and the services crashes.

ConferenceRoom 1.8.2:

"/ns buddy on" can't run, cuz professional edt. can't support "buddy" command. Register it one channel, and type it commands "/ns set authorize chanlists on", "/cs aop <#ChannelName> add <NickName>", "/ns auth accept 1". and the services crashes.
 
Источник
www.exploit-db.com

Похожие темы