CVE-2002-0552

Melange Chat server 2.02 - Buffer Overflow via Long Argument or Configuration Line

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0552. PoCs published by DVDMAN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Melange Chat System by sending an overly large '/yell' command. It establishes a TCP connection to the target and sends a crafted payload to trigger a denial-of-service (DoS) condition.

Description

Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DVDMAN · perldosmultiple

https://www.exploit-db.com/exploits/21379

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Melange Chat System by sending an overly large '/yell' command. It establishes a TCP connection to the target and sends a crafted payload to trigger a denial-of-service (DoS) condition.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Melange Chat System

No auth needed

Prerequisites: Network access to the target Melange Chat Server · Target server must be running and accessible

MITRE ATT&CK