Remote DoS Attack in GoodTech Telnet Server NT v2.2.1

From: Ussr Labs (labsat_private)
Date: Sun Dec 05 1999 - 22:18:18 PST

Next message: Jeremy Kothe: "new IE5 remote exploit"

Previous message: marvinat_private: "Re: idlescan (ip.id portscanner)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability

PROBLEM

UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1,
the buffer overflow is caused by a long user name 23870 characters.

There is not much to expand on.... just a simple hole

Example:
[gimmemore@itsme]$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is '^]'.

Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)

(C) Copyright 1996-1999 GoodTech Systems, Inc.


Login username: (buffer)

Overflow Crashh.

Where (buffer) is 23870 characters.

Vendor Status:
Contacted.

Vendor   Url: http://www.goodtechsys.com/
Program Url: http://www.goodtechsys.com/products.htm

Credit: USSRLABS

SOLUTION
    Nothing yet.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com

Next message: Jeremy Kothe: "new IE5 remote exploit"
Previous message: marvinat_private: "Re: idlescan (ip.id portscanner)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:17:30 PDT