source: https://www.securityfocus.com/bid/976/info
A feature called the CS Audit Trail Proxy is installed by default with BorederManager 3.0 and 3.5 .This feature opens a listening port at port 2000, on both the internal and external interfaces. If a connection is made to this port and the 'enter' key hit a few times, the server will start experincing memory allocation problems. Eventually the server will have to be rebooted to restore normal functionality.
The CS Audit Trail Proxy is handled by CSATPRX.NLM
telnet target:2000
<enter>
<enter>