Sambar Telnet Proxy/Server multiple vulnerablietis

From: kyprizel (kyprizelat_private)
Date: Mon Aug 13 2001 - 09:55:38 PDT

Next message: Anton Rager: "Sample implementation of new WEP weakness"

Previous message: David Smith: "Re: ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

1.DOS to Sambar Server(WWW,FTP,Telnet and others)

It's able to connect to another hosts, using Sambar Telnet
Proxy/Server...
typing "connect 127.0.0.1 23" we are connecting to localhost of the server...connecting so many(40 and more) times we'll make server do not respond on other requests...

2.Telnet Proxy/Server buffer overflow(long passwd-DOS, possible command execution)

sending string "A"*N and N > 1100 we'll rewrite Server's ECX and EBX with 0x61 - ASCII code of "A"...server will close itself...
it's hard to write shellcode - if you want - write it yourself...

 //kyprizel                          mailto:kyprizelat_private

Next message: Anton Rager: "Sample implementation of new WEP weakness"
Previous message: David Smith: "Re: ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Aug 12 2001 - 09:39:52 PDT