GoodTech Telent Server DoS - 02 Dec 1999

 
GoodTech Telnet Server Subject to DoS
Reported December 5, 1999 by USSRLABS

VERSIONS AFFECTED
GoodTech Telnet Server v2.2.1

DESCRIPTION

UssrLabs reported a possible denial of service attack against GoodTech Telent server due to a buffer overflow condition. The buffer overflow is caused by unchecked buffer in the login sequence.

DEMONSTRATION

\[[email protected]\]$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is "^\]".

Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)
(C) Copyright 1996-1999 GoodTech Systems, Inc.

Login username: (buffer)

\[ where (buffer) is 23870 characters \]

VENDOR RESPONSE

GoodTech has been aware of the problem. No response is known at this time. 

CREDITS
Discovered by USSRLABS

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish