Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Amaury Jacquot (sxpertWWW.ESITCOM.ORG)
Date: Tue May 08 2001 - 14:01:21 CDT
> [ Advisory for Spynet Chat ]
> [ Spynet Chat is made by Spytech ]
> [ Site: http://www.spytech-web.com ]
> [ by nemesystm of the DHC ]
> [ (http://dhcorp.cjb.net - neme-dhchushmail.com) ]
> [ ADV-0120 ]
> Spynet Chat is a chat server. It suffers from a
> denial of service.
> /-|=[who is vulnerable]=|-\
> Spynet Chat 6.5
> has been tested and was vulnerable. Prior versions
> are assumed to be vulnerable as well.
> /-|=[testing it]=|-\
> By opening up roughly 100 sockets in Perl and then
> using the normal Spynet Client to connect the
> server crashes with:
> S65server has caused an error in <unknown>.
> S65server will now close.
if this is on windows 95/98/ME, this is a known limitation in
windows that cannot accomodate more than 100 opened sockets at
the same time (thus gives random errors in application programs)
> I have made a perl script that exploits this. It is
> in the advisory that is available on the DHC site.
> None known at the moment.
> Free, encrypted, secure Web-based email at www.hushmail.com
Ingenieur en position du lotus
12 rue de la lumiere blanche
92130 Issy les Bouddhas