CGI abuses : VChat information disclosure

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11471

Category: CGI abuses

Title: VChat information disclosure

Summary: NOSUMMARY

Description: Description:

It is possible to retrieve the log of all the chat sessions
that have occured on the remote vchat server by requesting
the file vchat/msg.txt

An attacker may use this flaw to read past chat sessions and
possibly harass its participants.

In addition to this, another flaw in the same product may allow an attacker
to consume all the resources of the remote host by sending a long
message to this module.

Solution : None at this time. Add a .htaccess file to prevent an attacker
from obtaining this file

Risk factor : Low

Cross-Ref: BugTraq ID: 7186
BugTraq ID: 7188

Copyright This script is Copyright (C) 2003 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.11471
Category:	CGI abuses
Title:	VChat information disclosure
Summary:	NOSUMMARY
Description:	Description: It is possible to retrieve the log of all the chat sessions that have occured on the remote vchat server by requesting the file vchat/msg.txt An attacker may use this flaw to read past chat sessions and possibly harass its participants. In addition to this, another flaw in the same product may allow an attacker to consume all the resources of the remote host by sending a long message to this module. Solution : None at this time. Add a .htaccess file to prevent an attacker from obtaining this file Risk factor : Low
Cross-Ref:	BugTraq ID: 7186 BugTraq ID: 7188
Copyright	This script is Copyright (C) 2003 Renaud Deraison