BFTelnet Server v1.1 Subject to Denial of Service
Reported November 4, 1999 by USSRLABS
UssrLabs found a remote DoS attack in BFTelnet Server v1.1 for Windows NT. The buffer overflow is caused by a long user name of 3090 characters. If BFTelnet Server is running as an NT service when attacked, the service exits and no messages are displayed on the screen.
Telnet to the BFTelnet Server as follows:
$ telnet example.com
Byte Fusion Telnet, Copyright
1999 Byte Fusion Corporation
(Machine name) Login: [buffer]
Where [buffer] is approximately 3090 characters. At this point the telnet server closes.
The vendor, Byte Fusion, is aware of the problem; however, no response has been issued as of November 4, 1999.
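The advisory does not show the server's code. The following C routine is an added example (not Byte Fusion's code and not part of the original report) of handling the name typed at the Login: prompt so that an over-long name is rejected instead of overrunning a buffer. The 64-character limit, the function name and the status codes are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_LOGIN_NAME 64   /* assumed limit; use what the account database allows */

enum login_status { LOGIN_OK, LOGIN_INCOMPLETE, LOGIN_TOO_LONG, LOGIN_BAD_CHAR };

/* Extract one login name from bytes received at the "Login:" prompt.
 * in/in_len: raw bytes from the socket; out: caller buffer of out_cap bytes.
 * Never writes more than out_cap bytes, whatever the client sends. */
enum login_status parse_login_name(const unsigned char *in, size_t in_len,
                                   char *out, size_t out_cap)
{
    size_t n = 0;

    if (out_cap == 0)
        return LOGIN_TOO_LONG;
    out[0] = '\0';

    for (size_t i = 0; i < in_len; i++) {
        unsigned char c = in[i];
        if (c == '\r' || c == '\n') {        /* end of line: name is complete */
            out[n] = '\0';
            return LOGIN_OK;
        }
        if (c < 0x20 || c > 0x7e) {          /* control bytes, telnet IAC (0xff); */
            out[0] = '\0';                   /* negotiation assumed handled earlier */
            return LOGIN_BAD_CHAR;
        }
        if (n + 1 >= out_cap || n >= MAX_LOGIN_NAME) {  /* no room for c plus NUL */
            out[0] = '\0';
            return LOGIN_TOO_LONG;
        }
        out[n++] = (char)c;
    }
    out[0] = '\0';
    return LOGIN_INCOMPLETE;  /* no terminator yet: keep reading, within a byte budget */
}

int main(void)
{
    unsigned char line[3092];                /* constructed input: 3090 'A' + CRLF */
    char name[MAX_LOGIN_NAME + 1];
    memset(line, 'A', 3090); line[3090] = '\r'; line[3091] = '\n';
    printf("status=%d\n", parse_login_name(line, sizeof line, name, sizeof name));
    return 0;
}
```

On LOGIN_TOO_LONG or LOGIN_BAD_CHAR the caller should log the event and close that one connection; the service itself keeps running.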
Reported by USSRLABS
Posted here at NTSecurity.NET on November 4, 1999