A code baseline to test the UPNP DoS has been released. The DoS consists in sending a UDP packet to port 1900 with a NOTIFY request. This request has a URL that XP uses to open a TCP connection. Windows XP does not sanitize this request so whatever URL and port could be specified. Once the TCP connection is opened, a Chargen code fills the XP memory and the machine gets into an unstable state with a 100% of CPU utilization.