|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
Subject: Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
From: Ussr Labs (labs
USSRBACK.COM)
Date: Mon Dec 06 1999 - 00:18:18 CST
- Next message: marvinNSS.NU: "Re: idlescan (ip.id portscanner)"
- Previous message: Jeremy Kothe: "new IE5 remote exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
PROBLEM
UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1,
the buffer overflow is caused by a long user name 23870 characters.
There is not much to expand on.... just a simple hole
Example:
[gimmemoreitsme]$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is '^]'.
Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)
(C) Copyright 1996-1999 GoodTech Systems, Inc.
Login username: (buffer)
Overflow Crashh.
Where (buffer) is 23870 characters.
Vendor Status:
Contacted.
Vendor Url: http://www.goodtechsys.com/
Program Url: http://www.goodtechsys.com/products.htm
Credit: USSRLABS
SOLUTION
Nothing yet.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com
- Next message: marvinNSS.NU: "Re: idlescan (ip.id portscanner)"
- Previous message: Jeremy Kothe: "new IE5 remote exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Mon Dec 06 1999 - 12:56:56 CST