https://www.exploit-db.com/exploits/19746
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200003-053

NovellBorderManager3.5存在漏洞，远程攻击者可以通过在2000端口的telnet连接中键入enter键促发拒绝服务。

source: http://www.securityfocus.com/bid/976/info

A feature called the CS Audit Trail Proxy is installed by default with BorederManager 3.0 and 3.5 .This feature opens a listening port at port 2000, on both the internal and external interfaces. If a connection is made to this port and the 'enter' key hit a few times, the server will start experincing memory allocation problems. Eventually the server will have to be rebooted to restore normal functionality.

The CS Audit Trail Proxy is handled by CSATPRX.NLM

telnet target:2000
<enter>
<enter>

来源:BID
名称:976
链接:http://www.securityfocus.com/bid/976
来源:OSVDB
名称:7468
链接:http://www.osvdb.org/7468