GoodTech Telnet Server NT拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105673 漏洞类型 缓冲区溢出
发布时间 1999-12-06 更新时间 2005-05-02
CVE编号 CVE-1999-0991 CNNVD-ID CNNVD-199912-033
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19666
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199912-033
|漏洞详情
GoodTechTelnetServerNT存在缓冲区溢出漏洞。远程攻击者借助一个长用户名可以引发拒绝服务。
|漏洞EXP
source: http://www.securityfocus.com/bid/862/info


GoodTech Telnet Server NT 2.2.1 is vulnerable to a remote denial of service attack due to an unchecked buffer. If 23870 or more characters are entered at the username prompt, the software will crash.

GoodTech's Telnet Server 95/98 may also be vulnerable to this overflow. 

$ telnet victimhost

Trying victimhost...
Connected to victimhost.
Escape character is '^]'.

Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)

(C) Copyright 1996-1999 GoodTech Systems, Inc.


Login username: (32870 characters)

...server crash
|参考资料

来源:BID
名称:862
链接:http://www.securityfocus.com/bid/862