#######################################################################

Application:  KpyM telnet server v1.05 for Windows NT/2000/XP
Url:          http://kpym.sourceforge.net/
Versions:     <= 1.05
Platforms:    Windows
Bug:          Socket flood bug
Risk:         High
Exploitation: Remote
Date:         3 Jan 2004
Author:       NoRpiUs
e-mail:       norpius@altervista.org
web:          http://norpius.altervista.org

#######################################################################

1) Introduction
2) Bug
3) The Code
4) Fix
5) Screenshot

#######################################################################

=======================
1) Introduction
=======================

KpyM telnet server is a good tool that opens the famous login port, as the
name says. It was written by Kroum Grigorov.
Here you can find v1.05: http://norpius.altervista.org/Kts105.exe
I tell you this because the main site now has v1.06.

=======================
2) Bug
=======================

The connection was marked free before all of its components (sockets, threads,
etc.) were shut down. With few connections this is not noticeable, because the
old connection is already free before a new one arrives, but with a lot of
connections the server crashes.

=======================
3) The code
=======================

Here you can find the .c source and the binary file.
http://norpius.altervista.org/kpym.zip

=======================
4) Fix
=======================

The new version that fixes this bug has already been released.

=======================
5) Screenshot
=======================

C:\lcc\bin>kpym 80.116.180.23

KpyM Telnet Server v1.05 DoS by NoRpiUs
e-mail: norpius@altervista.org
web: http://norpius.altervista.org

[+] Connecting to 80.116.180.23:23...
[+] Waiting for the crash...........................................................
................................................................................
..
[+] Crashed

C:\lcc\bin>
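
The teardown ordering described in section 2, as an added example that is not part of the original advisory and is not KpyM's code. The slot table, the fake socket handles and all function names are assumptions; the simulation is single-threaded and replays one interleaving, with a new client arriving between the two teardown steps.

```c
#include <stdio.h>

#define MAX_CONN 4
#define NO_SOCK  (-1)

/* Hypothetical connection slot, not KpyM's real structure. */
struct conn { int in_use; int sock; };
static struct conn table[MAX_CONN];
static int next_sock;                 /* constructed fake socket handles */

static void reset(void) {
    for (int i = 0; i < MAX_CONN; i++) { table[i].in_use = 0; table[i].sock = NO_SOCK; }
    next_sock = 100;
}

/* Accept path: claim the first slot that is marked free. */
static int accept_conn(void) {
    for (int i = 0; i < MAX_CONN; i++)
        if (!table[i].in_use) { table[i].in_use = 1; table[i].sock = next_sock++; return i; }
    return -1;                        /* table full: refuse the client */
}

static void mark_free(int i)  { table[i].in_use = 0; }
static void close_sock(int i) { table[i].sock = NO_SOCK; }  /* stands in for closesocket() */

/* Tear down one connection while a new client arrives between the two
 * teardown steps. Returns 1 if the new client's slot is still intact. */
static int new_conn_survives(int fixed_order) {
    reset();
    int old = accept_conn();
    if (fixed_order) close_sock(old); else mark_free(old);   /* step 1 */
    int fresh = accept_conn();                               /* arrives mid-teardown */
    if (fixed_order) mark_free(old); else close_sock(old);   /* step 2 */
    return table[fresh].in_use && table[fresh].sock != NO_SOCK;
}

int main(void) {
    /* Free-then-close: the new client reuses the slot and loses its socket. */
    printf("free-then-close: new connection intact = %d\n", new_conn_survives(0));
    /* Close-then-free: the slot is only reusable once teardown is complete. */
    printf("close-then-free: new connection intact = %d\n", new_conn_survives(1));
    return 0;
}
```

In a threaded server the slot flag also has to be updated under a lock or atomically; releasing resources before marking the slot free is necessary but does not by itself make the accept path thread-safe.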