|
Binary Exploit
ex_telnd.exe
Source of Binary Exploit
ex_telnd.zip
|
USSR Advisory Code: USSR-2000033
Release Date:
February 22, 2000
Systems Affected:
InterAccess TelnetD Server 4.0 for Windows NT and possibly others versions.
THE PROBLEM
UssrLabs found a Local / Remote Buffer overflow, The code that handles the login commands in the telnet
session has an unchecked buffer that will allow arbitrary code to be executed if it is overflowed.
Example:
[hellme@die-communitech.net$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is '^]'.
InterAccess TelnetD Server (30 Day Trial Version)
Release 4.0 Build May 4 1998
Copyright (C) 1994-1998 by Pragma Systems, Inc.
All rights reserved.
This copy will expire on Tue Mar 21 20:01:50 2000
login name: (buffer)
Where [buffer] is aprox. 300 characters.
Exploit: the Exploit, lags the machine until 100% cpu time
Vendor Status:
Now Contacted
Vendor Url: http://www.pragmasys.com/
Program Url: http://www.pragmasys.com/TelnetD/
Credit: USSRLABS
SOLUTION
Noting yet.
Greetings:
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, HNN, Technotronic and Wiretrip.
|