Home » Hacking News » Simple Chat information disclosure
Simple Chat information disclosure
by Nikola Strahija on March 29th, 2003 A weakness has been found in Simple Chat which allows a remote attacker to gain information and thus launch attacks against Simple Chat users.
Vulnerable:
Hot-Things.net Simple Chat! 1.0
Hot-Things.net Simple Chat! 1.1
Hot-Things.net Simple Chat! 1.2
Hot-Things.net Simple Chat! 1.3
Solution:
A simple workaround would be to make a .htaccess file which
will require authorization before accessing the /data subdirectory
of Simple Chat.
References:
Htaccess tutorial from Hot-Things.net:
- http://hot-things.net/temp/htaccess.txt
Discovered by:
subj, r2subj3ct (at) dwclan.org