Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Advisory for Spynet Chat
From: Amaury Jacquot <sxpert () WWW ESITCOM ORG>
Date: Tue, 8 May 2001 21:01:21 +0200

Quoting neme-dhc () HUSHMAIL COM:

 [ Advisory for Spynet Chat                        ]
 [ Spynet Chat is made by Spytech                  ]
 [ Site: http://www.spytech-web.com                ]
 [ by nemesystm of the DHC                         ]
 [ (http://dhcorp.cjb.net - neme-dhc () hushmail com) ]
 [ ADV-0120                                        ]

/-|=[explanation]=|-\
Spynet Chat is a chat server. It suffers from a
denial of service.

/-|=[who is vulnerable]=|-\
Spynet Chat 6.5
has been tested and was vulnerable. Prior versions
are assumed to be vulnerable as well.

/-|=[testing it]=|-\
By opening up roughly 100 sockets in Perl and then
using the normal Spynet Client to connect the
server crashes with:
S65server has caused an error in <unknown>.
S65server will now close.

if this is on windows 95/98/ME, this is a known limitation in
windows that cannot accomodate more than 100 opened sockets at
the same time (thus gives random errors in application programs)

Amaury

I have made a perl script that exploits this. It is
in the advisory that is available on the DHC site.
http://www.emc2k.com/dhcorp/homebrew/scs.zip

/-|=[fix]=|-\
None known at the moment.
Free, encrypted, secure Web-based email at www.hushmail.com



Raph
Ingenieur en position du lotus
12 rue de la lumiere blanche
92130 Issy les Bouddhas


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault