Sambar Telnet Proxy/Server multiple vulnerablietis

2001-08-13T00:00:00
ID SECURITYVULNS:DOC:1924
Type securityvulns
Reporter Securityvulns
Modified 2001-08-13T00:00:00

Description

1.DOS to Sambar Server(WWW,FTP,Telnet and others)

It's able to connect to another hosts, using Sambar Telnet Proxy/Server... typing "connect 127.0.0.1 23" we are connecting to localhost of the server...connecting so many(40 and more) times we'll make server do not respond on other requests...

2.Telnet Proxy/Server buffer overflow(long passwd-DOS, possible command execution)

sending string "A"*N and N > 1100 we'll rewrite Server's ECX and EBX with 0x61 - ASCII code of "A"...server will close itself... it's hard to write shellcode - if you want - write it yourself...

//kyprizel mailto:kyprizel@tusur.ru