Re: Telnetd AYT overflow scanner and linux telnet 0.17

[H D Moore <hdm () secureaustin com>]

Two minor corrections, the caffiene hadn't kicked in yet:

On Tuesday 31 July 2001 01:02 pm, H D Moore wrote:
> Linux telnetd is very buggy, whether or not it is exploitable is a
> different story.  By sending many AYT's, you overwrite the netoprintf
> variable with the string "\r\n[ hostname : yes]\r\n", which will eventually

netoprintf is the function, netobuf is the buffer we smash.

> How to calculate the number of bytes each AYT request causes to be written
> to netoprintf:

Same as above.

-HD