Bugtraq mailing list archives
Remote DoS Attack in BFTelnet Server v1.1 for Windows NT
From: labs () USSRBACK COM (Ussr Labs)
Date: Thu, 4 Nov 1999 05:10:32 -0300
Remote DoS Attack in BFTelnet Server v1.1 for Windows NT PROBLEM UssrLabs found a Remote DoS Attack in BFTelnet Server v1.1 for Windows NT, the buffer overflow is caused by a long user name 3090 characters. If BFTelnet Server is running as a service the service will exit and no messages are displayed on the screen. There is not much to expand on.... just a simple hole Example: palometa@hellme]$ telnet example.com Trying example.com... Connected to example.com. Escape character is '^]'. Byte Fusion Telnet, Copyright 1999 Byte Fusion Corporation Unregistered Evaluation. See www.bytefusion.com/telnet.html (Machine name) Login: [buffer] Where [buffer] is aprox. 3090 characters. At his point the telnet server close. Vendor Status: Contacted Vendor Url: www.bytefusion.com Program Url: www.bytefusion.com/telnet.html Credit: USSRLABS SOLUTION Nothing yet.
Current thread:
- Remote DoS Attack in BFTelnet Server v1.1 for Windows NT Ussr Labs (Nov 04)