COMMAND

    iParty

SYSTEMS AFFECTED

    Anyone using iParty (Windows)

PROBLEM

    HD Moore found the following.  iParty is an audio/text chat program
    for Windows.  The iParty server listens on a specified port (6004
    by default) for client requests.  If someone connects to the chat
    server and sends a large number of 'ÿ' characters (ASCII 255, hex
    FF), the server simply closes itself and disconnects all current
    users.  Nothing shows up in the log file, and the attacker does
    not need to know the 'chat room' name.  iParty seems to use a
    modified version of the X-Win protocol, as it uses the same format
    as X for session request responses.  The easiest way to exploit
    this hole is:

        cat /dev/kmem | telnet targetserver.com 6004

SOLUTION

    Nothing yet, but don't use this software.
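
    Because the server writes nothing to its log, the flood has to be
    spotted on the wire.  The Python detector below is an added example,
    not part of the original advisory or of iParty: it tracks the longest
    run of 0xFF bytes per client connection, including runs split across
    segments.  The 64-byte threshold, all class and function names, and
    the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

IPARTY_PORT = 6004    # default server port named in the advisory
RUN_THRESHOLD = 64    # assumption: the advisory says only "a large amount"


@dataclass
class FFRunDetector:
    """State for one client connection; feed() takes payloads in order."""
    threshold: int = RUN_THRESHOLD
    run: int = 0        # length of the 0xFF run ending at the last byte seen
    longest: int = 0    # longest run seen so far on this connection

    def feed(self, payload: bytes) -> bool:
        """Return True once the stream contains a run >= threshold."""
        for byte in payload:
            # A run may continue from the previous segment, so self.run is
            # reset only by a non-0xFF byte, never at a segment boundary.
            self.run = self.run + 1 if byte == 0xFF else 0
            if self.run > self.longest:
                self.longest = self.run
        return self.longest >= self.threshold


def flag_connections(segments, threshold=RUN_THRESHOLD):
    """segments: iterable of (conn_id, payload) sent to the server port.
    Returns conn_ids whose stream reached the threshold, in first-hit order."""
    detectors = defaultdict(lambda: FFRunDetector(threshold))
    flagged = []
    for conn_id, payload in segments:
        if detectors[conn_id].feed(payload) and conn_id not in flagged:
            flagged.append(conn_id)
    return flagged


# Constructed sample traffic (not captured from a real iParty session).
SAMPLE = [
    (("192.0.2.10", 40001), b"hello room\r\n"),
    (("192.0.2.66", 40002), b"\xff" * 40),            # run starts here ...
    (("192.0.2.66", 40002), b"\xff" * 40 + b"\r\n"),  # ... and crosses 64
    (("192.0.2.77", 40003), b"\xff" * 30 + b"a" + b"\xff" * 30),
]

if __name__ == "__main__":
    for src in flag_connections(SAMPLE):
        print(f"0xFF flood toward port {IPARTY_PORT} from {src[0]}:{src[1]}")
```

    Tune the threshold against normal traffic on the port before
    alerting on it.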