RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large number of connections with a command other than AUTHENTICATE, or without any data, which prevents the socket from being closed properly.