Vulnerability
Spynet Chat
Affected
Spynet Chat 6.5
Description
nemesystem of the DHC found following. Spynet Chat is a chat
server. It suffers from a denial of service.
Spynet Chat 6.5 has been tested and was vulnerable. Prior
versions are assumed to be vulnerable as well.
By opening up roughly 100 sockets in Perl and then using the normal
Spynet Client to connect the server crashes with:
S65server has caused an error in <unknown>.
S65server will now close.
nemesystem has made a perl script that exploits this. It is in
the advisory that is available on the DHC site:
http://www.emc2k.com/dhcorp/homebrew/scs.zip
Solution
None known at the moment. If this is on windows 95/98/ME, this
is a known limitation in windows that cannot accomodate more than
100 opened sockets at the same time (thus gives random errors in
application programs).
Credits
-- UnKnown --
|