/*
Proof of Concept for Melange Chat Server 1.10
a lame remote bof exploit by XXXXX 12/24/02

Credits go to:
- iDefense Labs for the advisory
- blink for discovering the bug
- Irian for the shellcode

With careful calculation it is *possible* to control even the EIP,
not just one byte of EIP.
There are to a few things that will happen if we use a wrong ret address:
1. Seg fault / shut down.
2. Keep on going < nothing happens >.

Code tested on Suse 8.0 and RH 7.3
Merry Xmas :)
*/


http://www.securiteam.com/exploits/6W00L1F6AS.html


A remotely exploitable buffer overflow in the product allows a remote attacker to completely compromise the server. The following is an exploit code that can be used to test your own system for the mentioned vulnerability.



Cpanels banner for melange:

Melange Chat Server (Version 1.10)

We never had it enabled on any servers. Melange is one of those tools that Cpanel had thrown in very early when they are trying to put together as many tools as possible as an aftersight. I don't think they are willing to maintain it much (just like some of their script installations).

Ditto sprintserve we have never had it enabled and that's why.

yeah but alot of people have it enabled!

I'll have to go check if I have it enabled, hopefully it's not.

I think it's entropychat that I have enabled, is that the same thing?

Originally posted by 93.3
I think it's entropychat that I have enabled, is that the same thing?
No.

This vuln is pretty old, i thought that everyone was aware about it by now.

RogelioH, You would be surpised @ the ammount of people that have it running