[14430] in bugtraq
neat little napster bug
daemon@ATHENA.MIT.EDU (Colten Edwards)
Tue Mar 28 01:16:31 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10003261414330.3980-100000@panasync.canuck.ca>
Date: Sun, 26 Mar 2000 14:18:37 -0600
Reply-To: edwards@bitchx.dimension6.com
From: Colten Edwards <edwards@BITCHX.DIMENSION6.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Seems that napster with it's closed source has a reason to be paranoid.
The client napster.exe has a limit on the length of a line it will accept,
somewhere around 191 chars. However the server will happily pass along
any length you want upto possibly 32767 (unsigned short int). So, if you
send a public msg or a possibly a privmsg to a channel/nick on the server,
with a length longer than 191, it GPF's the client. This works with BETA5
of the client and possibly earlier ones as well. I would ASSUME this could
be developed into something else altogether. Way ta go napster, inc.
Colten Edwards
aka panasync@efnet
