Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Date: Mon May 07 2001 - 19:33:18 CDT
ElectroComm allows you to connect to a comm port on
a computer over a network using any Telnet client.
The program can fall victim to a denial of service.
/-|=[who is vulnerable]=|-\
Electrocomm 2.0 has been tested to be vulnerable.
Prior versions are assumed to be vulnerable as well.
Sending two bursts of characters with a length of
about 160000 each to port 23 will peg CPU to 100%
and then crash with:
Run-time error '381':
Invalid array index.
I have made a perl script that exploits this. It is
in the advisory that is available on the DHC site.
None known at the moment.
Free, encrypted, secure Web-based email at www.hushmail.com