CVE-2001-0616

Freestyle Chat < 4.1 - Denial of Service via MS-DOS Device Name Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0616. PoCs published by nemesystm.

AI-analyzed exploit summary This exploit describes a DoS vulnerability in a chat server where submitting a request containing the 'AUX' MS-DOS device name causes the server to crash. The server must be manually restarted to resume normal operation.

Description

Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (e.g., GET /aux HTTP/1.0).

Exploits (1)

exploitdb WRITEUP VERIFIED

by nemesystm · textdoswindows

https://www.exploit-db.com/exploits/20883

View Code ZIP pw:eip

This exploit describes a DoS vulnerability in a chat server where submitting a request containing the 'AUX' MS-DOS device name causes the server to crash. The server must be manually restarted to resume normal operation.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Unspecified chat server (likely older Windows-based software)

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/6602

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2777

Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-05/0241.html

Scores

EPSS 0.0706

EPSS Percentile 93.4%

Details

Status published

Products (1)

faust_informatics/freestyle_chat < 4.1

Published Aug 14, 2001

Tracked Since Feb 18, 2026