Easy Chat Server
cpe:2.3:a:easy_chat_server_project:easy_chat_server:*:*:*:*:*:*:*
- 3.1
Easy Chat Server version 3.1 contains a buffer overflow in its chat message functionality. The overflow occurs when the server processes chat messages, and remote attackers can exploit it to execute arbitrary code on the server and access sensitive information.
The vulnerability can be reproduced by sending a chat message request with a large payload, approximately 40,000 characters, in the 'mtowho' recipient field. This request should be sent after authenticating as a valid user and joining a chat session. The oversized payload causes the Easy Chat Server process to crash while handling the message, demonstrating the denial-of-service impact.
To address this vulnerability, it is recommended to enforce strict maximum lengths for chat message parameters, validate recipient usernames against known users, and implement robust exception handling around message parsing. Additionally, running the service under a supervisor that can restart it after a crash may help mitigate the impact.
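The first two recommendations above (a strict maximum length and a check against known users), shown as an added C example that is not Easy Chat Server's own code. The function name, the 32-byte limit, the character allowlist and the user table are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_USERNAME_LEN 32  /* assumed limit; the page does not give one */

typedef enum { RCPT_OK, RCPT_BAD_ARG, RCPT_EMPTY, RCPT_TOO_LONG,
               RCPT_BAD_CHAR, RCPT_UNKNOWN } rcpt_status;

/* Constructed user table standing in for the server's account list. */
static const char *const known_users[] = { "alice", "bob", "carol" };

/* Validate an untrusted 'mtowho' value of raw_len bytes (not assumed to be
 * NUL-terminated); copy it into out only if every check passes. */
rcpt_status validate_recipient(const char *raw, size_t raw_len,
                               char *out, size_t out_size)
{
    size_t i;
    if (out == NULL || out_size == 0)
        return RCPT_BAD_ARG;
    out[0] = '\0';                      /* fail closed on any rejection */
    if (raw == NULL || raw_len == 0)
        return RCPT_EMPTY;
    /* Length is checked before any copy is made into a fixed-size buffer. */
    if (raw_len > MAX_USERNAME_LEN || raw_len >= out_size)
        return RCPT_TOO_LONG;
    for (i = 0; i < raw_len; i++) {     /* allowlist: [A-Za-z0-9_-] */
        unsigned char c = (unsigned char)raw[i];
        if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
              (c >= '0' && c <= '9') || c == '_' || c == '-'))
            return RCPT_BAD_CHAR;
    }
    for (i = 0; i < sizeof known_users / sizeof known_users[0]; i++) {
        if (strlen(known_users[i]) == raw_len &&   /* exact match only */
            memcmp(known_users[i], raw, raw_len) == 0) {
            memcpy(out, raw, raw_len);
            out[raw_len] = '\0';
            return RCPT_OK;
        }
    }
    return RCPT_UNKNOWN;
}

int main(void)
{
    char to[MAX_USERNAME_LEN + 1];
    printf("bob -> %d\n", validate_recipient("bob", 3, to, sizeof to));
    return 0;
}
```

A caller would reject the request on any status other than `RCPT_OK` rather than continuing to parse the message.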