[原文]LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character.
Chant Anywhere contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker connects to the chat server with a fake username, and may result in loss of availability for the system running the chat server.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Vendor recommends adding password protection on the chat rooms.