Vendor: Freestyle Chat Server
By: SecurityFocus
CVSS: 7.5 (HIGH)
CWE: 22 (Directory Traversal)
Product Name: Freestyle Chat Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002
Freestyle Chat Server Directory Traversal Vulnerability
Freestyle Chat server from Faust Informatics incorporates interactive chat functionality into websites. Versions of Freestyle Chat are vulnerable to directory traversal attacks. This can allow a remote user to request files from outside the normal webserver directory scope. Properly exploited, this could provide information useful in further attacks on the vulnerable host.
Mitigation:
Ensure that the web server is configured to only serve files from the intended directory.