labs34.htm

labs34.htm: Posted Feb 24, 2000; Authored by Underground Security Systems Research; USSR Advisory #34 - Local/Remote D.o.S Attack in InterAccess Telnet Server Release 4.0 (All Builds) Windows95/98/WinNT. The code that handles the Terminal client configurations to the Telnet server in the connection procedure contains a buffer overflow, causing Telnetd to crash.; tags | remote, overflow, local; systems | windows; SHA-256 | 0bdd9580503830aa0647e9839d98b921538bdc30f5ff55c343a02f65a3cc2142; Download | Favorite | View

labs34.htm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Local/Remote D.o.S Attack in InterAccess Telnet Server Release 4.0
*ALL BUILDS* for Windows95/98/WinNT Vulnerability

USSR Advisory Code:   USSR-2000034

Release Date:
February 24 2000

Systems Affected:
InterAccess TelnetD Server 4.0 for WinNT and others versions.
InterAccess TelnetD Server 4.0 for Windows95/98 and others versions.
InterAccess TelnetD Server 4.0 build 4 for WiNT
InterAccess TelnetD Server 4.0 build 5 for WiNT
InterAccess TelnetD Server 4.0 build 6 for WiNT
InterAccess TelnetD Server 4.0 build 7 for WiNT (Release 4.0   Build
Jan  5 2000)
InterAccess TelnetD Server 4.0 for Windows95/98 Build 3
InterAccess TelnetD Server 4.0 for Windows95/98 Build (Release 4.0  
Build Jan  6 2000)


THE PROBLEM

UssrLabs found a Local / Remote DOS Attack, The code that handles the
Terminal client configurations to the 
Telnet server in the connection procedure, has an unchecked size that
cause the TelnetD Service Crash.

Binary or source for this D.O.S: 
https://www.ussrback.com/telnetd/dostelnetd.exe  (binary)
https://www.ussrback.com/telnetd/dostelnetd.zip  (Source)

Vendor Status:
We show to the vendor the d.o.s Problem and the vendor think we
pinging to the machine, so, 
that is like Vendor not contacted :)

Vendor   Url: https://www.pragmasys.com/
Program Url: https://www.pragmasys.com/TelnetD/
Program Url: https://www.pragmasys.com/Telnet95/

Credit: USSRLABS

SOLUTION
Contact Pragma Systems.

NOTE:
We try help pragma people to show their program is vulnerable to
D.o.S attack, and the only responce of 
pragma was "STOP PING SERVER", so we decide release the advisory.


Greetings:
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, HNN, Technotronic and
Wiretrip.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c
h
https://www.ussrback.com


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <https://www.pgp.com>

iQA/AwUBOLWkyNybEYfHhkiVEQKZGACeKRtpBWam+Hgplx9nRiWEy3yk4q8AoOHZ
yo9eCjR9zbFHQOr5L1OBKvGs
=cBLP
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

labs34.htm

labs34.htm

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

labs34.htm

Share This

labs34.htm

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems