CVE-2004-1802

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page.

Ссылки

http://aluigi.altervista.org/adv/chatany-ghost-adv.txt
Exploit
http://marc.info/?l=bugtraq&m=107885946220895&w=2
http://www.lionmax.com/chatanywhere.htm
Patch
http://www.securityfocus.com/bid/9823
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/15416
http://aluigi.altervista.org/adv/chatany-ghost-adv.txt
Exploit
http://marc.info/?l=bugtraq&m=107885946220895&w=2
http://www.lionmax.com/chatanywhere.htm
Patch
http://www.securityfocus.com/bid/9823
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/15416

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lionmax_software:chat_anywhere:*:*:*:*:*:*:*:*

Версия до 2.72 (включая)

EPSS

Процентиль: 66%

0.00521

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-j5q2-25f4-p838

github

больше 3 лет назад