CVE-2002-0552

Name of the Vulnerable Software and Affected Versions Melange Chat server version 2.02

Description The issue is related to multiple buffer overflows that can be triggered by various means, including a long argument in the "/yell" command, long lines in the "/etc/melange.conf" configuration file, or long file names. This can cause a denial of service, resulting in a crash, and potentially allow the execution of arbitrary code.

Recommendations For Melange Chat server version 2.02, consider disabling the "/yell" command and restricting access to the configuration file to prevent exploitation until a fix is available. Additionally, limiting file name lengths can help mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.