CVE-2004-2466
CVE-2004-2466
Vexday Risk Score
60Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 74.7%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Ciclo de vida
20 ago 2005Publicada en NVD
14 ago 2007Exploit Metasploit disponible
06 ago 2010PoC pública
Velocidad de armamento
1812 díashasta el primer PoC
724 díashasta el módulo Metasploit
Recomendación: Planificar corrección próxima — ya existe PoC pública.
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
Productos afectados
n/a · n/aPoCs públicas encontradas — 6
cve_referencepacketstormsecurity.com/files/167892/Easy-Chat-Server-3.1-Buffer-Overflow.htmlno verificadocve_referencewww.exploit-db.com/exploits/33326no verificadoexploitdbwww.exploit-db.com/exploits/50999no verificadoexploitdbwww.exploit-db.com/exploits/16772no verificadoexploitdbwww.exploit-db.com/exploits/33326no verificadocve_referencewww.exploit-db.com/exploits/4289no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
Referencias
http://archives.neohapsis.com/archives/bugtraq/2004-07/0013.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2004-07/0077.htmlhttp://packetstormsecurity.com/files/167892/Easy-Chat-Server-3.1-Buffer-Overflow.htmlhttp://secunia.com/advisories/12006http://secunia.com/advisories/26461http://secunia.com/advisories/58427https://exchange.xforce.ibmcloud.com/vulnerabilities/16629https://exchange.xforce.ibmcloud.com/vulnerabilities/36013https://www.exploit-db.com/exploits/4289http://www.autistici.org/fdonato/advisory/EasyChatServer1.2-adv.txthttp://www.exploit-db.com/exploits/33326http://www.osvdb.org/7416