GoodTech Telnet Server Subject to DoS
Reported December 5, 1999 by USSRLABS
VERSIONS AFFECTED
GoodTech Telnet Server v2.2.1

DESCRIPTION

UssrLabs reported a possible denial of service attack against GoodTech Telent server due to a buffer overflow condition. The buffer overflow is caused by unchecked buffer in the login sequence.

DEMONSTRATION

\[gimmemore@itsme\]$ telnet example.com
Trying example.com...
Connected to example.com.
Escape character is "^\]".

Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy)
(C) Copyright 1996-1999 GoodTech Systems, Inc.

Login username: (buffer)

\[ where (buffer) is 23870 characters \]

VENDOR RESPONSE

GoodTech has been aware of the problem. No response is known at this time. 

CREDITS
Discovered by USSRLABS