TelnetD Subject to Buffer Overflow and DoS Reported February 21, 2000 by USSRLabs The code that handles the login commands for a telnet session has an unchecked buffer that will allow arbitrary code to execute on the server if it the buffer is overflowed.
DEMONSTRATION
$ telnet example-victim-site.com
VENDOR RESPONSE
We contained Pragma Systems on February 22, where the company responded immediately with the following statement via email:
> We recently discovered that on your ntsecurity
web site that there was a
Further investigation reveals that the Web page provided by Pragma Systems was generating an ODBC error each time someone attempted to send them an email via that page. Because of the error, USSRLabs could not send mail using the Web-based form, and thus, claimed to have experienced a non-responsive condition with the vendor. Pragma has since corrected the Web form errors by placing an HTML mailto link on the technical support page.
Pragma System has stated that their current version is Build 7, which does not appear to contain the buffer overflow condition.
CREDITS
|
TelnetD Subject to Buffer Overflow and DoS
0 comments
Hide comments