Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Instant Messaging/IRC/Chat)  >   ParaChat Server Vendors:   ParaChat Group
ParaChat Server Input Validation Flaw Discloses Files to Remote Users
SecurityTracker Alert ID:  1011438
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Sep 28 2004
Impact:   Disclosure of system information, Disclosure of user information
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 5.5
Description:   Donato Ferrante reported a directory traversal vulnerability in ParaChat Server. A remote user can view files located on the target system.

It is reported that the server does not properly validate user-supplied input. A remote user can connect to the target system and supply an HTTP GET request containing '..%5C/' directory traversal characters to view arbitrary files on the target system.

A demonstration exploit URL is provided:


The vendor has been notified.

Impact:   A remote user can view files on the target system with the privileges of the target chat service.
Solution:   No solution was available at the time of this entry. The vendor is reportedly working on a fix.
Vendor URL: (Links to External Site)
Cause:   Access control error, Input validation error
Underlying OS:  Linux (Any), UNIX (FreeBSD), UNIX (Solaris - SunOS), Windows (NT)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 29 2004 (Vendor Issues FIx) ParaChat Server Input Validation Flaw Discloses Files to Remote Users
The vendor has issued a fix.

 Source Message Contents

Subject:  directory traversal in ParaChat Server 5.5

                           Donato Ferrante

Application:  ParaChat Server

Version:      5.5

Bug:          directory traversal

Date:         28-Sep-2004

Author:       Donato Ferrante


1. Description
2. The bug
3. The code
4. The fix


1. Description:

Vendor's Description:

"ParaChat Server v5.5 is a fast, easy and affordable way to host and
manage your own real-time communication software - for one web site,
or for multiple web sites."


2. The bug:

The server is not able to manage the sequence "..%5C/", that is
equal to "..\/", this lets an attacker to navigate through the
victim system simply using a web browser.


3. The code:

To test the vulnerability:



4. The fix:

Vendor was contacted.
Bug will be fixed in the next version.


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, LLC