Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Servers :: fschat~1.htm

Freestyle Chat server Directory traversal vulnerability

    Freestyle Chat server


    Freestyle Chat server every version prior to 4.1 SR3


    nemesystm of the  DHC found following.   Freestyle Chat server  is
    http chat environment.  It is vulnerable to a variation of the dot
    dot bug.   Freestyle also  suffers from  a device  name denial  of

    Freestyle Chat server 3.73 was tested and is vulnerable.  The
    creator of Freestyle Chat server has verified that every version
    prior to 4.1 SR3 is vulnerable.

    By requesting

    one can  grab any  file they  want.   Naturally variations  on the
    examples above are also possible.

    By requesting

    one can crash the server.  This is not a problem in Windows  2000,
    only in Windows ME/98.


    4.1  SR3  was  released  because  of this vulnerability.  Download
    Freestyle Chat server 4.1 SR3.  If upgrading is not an option  for
    some reason, a  patch is also  available on the  Faust Informatics

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH