Windows 2000 [telnet] ?problem?

[Erik Tayler <erik () DIGITALDEFENSE NET>]

I was able to confirm the "problem" that has been floating around the
vuln-dev list. It worked with the value of NTLM being 0, and also worked
as 1. Other posters confirm that they may login as "Administrator" via
such methods, I was unable to confirm such a result. It is my
understanding that in order for this little flaw to work, you may not
have the Guest account disabled.

Microsoft (R) Windows (TM) Version 5.00 (Build 2195)
Welcome to Microsoft Telnet Service
Telnet Server Build 5.00.99201.1
login: guest
Login through Guest account not allowed
login: \\guest
[truncated output][login was successful]


Erik Tayler
Security Analyst
Digital Defense Incorporated
http://www.digitaldefense.net