COMMAND

    Conference Room Professional

SYSTEMS AFFECTED

    Conference Room Professional-Developer Edititon

PROBLEM

    Murat found following.   This has been  only tested on  Windows NT
    4.0 sp6a and Windows 2000 pro.

    Conference Room  1.8.1x or  older versions  are subject  to a  DoS
    attack when following commands are used.

    Make to connections  to the irc  server second being  the clone of
    other.   On second  connection (clone)  type "/ns  buddy on".   On
    first connection type "/ns buddy add <clone client nickname>".  On
    clone type "/ns  auth accept 1"  and the services  crashes.  Since
    conference  room  saves  databases  at 15min intervals, everything
    done in  this period  will be  deleted.   Services cannot  connect
    automatically to  the server.   Only a  "/servstart" issued  by an
    ircop or admin  will return the  services to normal  functionality
    and connect to server.

    If your  irc server  using Conference  Room 1.8.2x  "/ns buddy on"
    can't run,  cuz professional  edt. can't  support "buddy" command.
    Register it one channel, and  type it commands "/ns set  authorize
    chanlists on", "/cs aop <#ChannelName> add <NickName>", "/ns  auth
    accept 1".  and the services crashes.  Since conference room saves
    databases at 15min intervals, everything done in this period  will
    be deleted.  Services cannot connect automatically to the  server.
    Only a "/servstart"  issued by an  ircop or admin  will return the
    services to normal functionality and connect to server.

SOLUTION

    This vulnerability  does not  work on  Conference Room  Enterprise
    Edition.

    This  attack  only  seems  to   work  on  the  WIN32  version   of
    ConferenceRoom and is fixed in version 1.8.2 and later.  It should
    also be noted that versions  of ConferenceRoom prior to 1.8.1  are
    not  vulnerable   since  these   commands  don't   exist.    Also,
    installations  of  ConferenceRoom  that  don't  use  the   network
    services module aren't vulnerable.

    It is adviseed to  all customers using releases  of ConferenceRoom
    prior to  1.8.2a to  upgrade to  1.8.2a for  a variety of reasons.
    This  upgrade  is  free  to  all  customers  and  is available for
    download from http://www.webmaster.com/update.shtml