Vulnerability Development mailing list archives

Re: Windows2000 telnet exploit

From: Sandro Gauci <Sandro () GFI COM>
Date: Thu, 23 Nov 2000 11:32:06 +0100

Hi,

I have also previously noticed this error message when supplying long
usernames 
and/or passwords to the Telnet server in Windows 2000. This is not exactly a

problem in the Telnet Server but rather a problem in the overall
authentication 
process of Windows 2000, because I have also noticed the issue on a 3rd
Party 
(non-MS) software which uses Windows 2000 authentication. I do not think
this 
is a buffer overflow, the error message suggests that Windows 2000 is
searching 
for some file: I cannot see any reason behind this. 



Regards,

Sandro Gauci
GFI Security Lab

Current thread:

Windows2000 telnet exploit Philip Wagenaar (Nov 23)
- <Possible follow-ups>
- Re: Windows2000 telnet exploit Sandro Gauci (Nov 24)
  - Re: Windows2000 telnet exploit Olle Segerdahl (Nov 25)
- Re: Windows2000 telnet exploit Marty (Nov 27)
- Re: Windows2000 telnet exploit Robert G. Ferrell (Nov 28)
  - Re: Windows2000 telnet exploit David Rhodus (Nov 29)