CVE-2010-0217

Name of the Vulnerable Software and Affected Versions Zeacom Chat Server versions prior to 5.1

Description The issue allows remote attackers to hijack sessions or cause a denial of service via a brute-force attack due to the use of too short a random string for the JSESSIONID value. This can lead to a Chat Server crash or Tomcat daemon crash.

Recommendations For versions prior to 5.1, update to version 5.1 or later to resolve the issue.