[ http://www.rootshell.com/ ]

Subject: iParty can be shut down remotely

iParty is an audio/text chat program for Windows.  The iParty server
listens on a specified port (6004 is default) for client requests.  If
someone connects to the chat server and sends a large amount of '^?'
characters (ASCII 255 or Hex FF), the server will simply close itself
and disconnect all the current users.  Nothing shows up in the log
file, and the attacker does not need to know the 'chat room' name.
iParty seems to use a modified version of the X-Win protocol, as it
uses the same format as X for session request responses.  The easiest
way to exploit this hole is:

cat /dev/kmem | telnet targetserver.com 6004