Date: Mon, 13 Aug 2001 22:55:38 +0600
From: kyprizel <[email protected]>
To: [email protected]Subject: Sambar Telnet Proxy/Server multiple vulnerablietis
1.DOS to Sambar Server(WWW,FTP,Telnet and others)
It's able to connect to another hosts, using Sambar Telnet
Proxy/Server...
typing "connect 127.0.0.1 23" we are connecting to localhost of the server...connecting so many(40 and more) times we'll make server do not respond on other requests...
2.Telnet Proxy/Server buffer overflow(long passwd-DOS, possible command execution)
sending string "A"*N and N > 1100 we'll rewrite Server's ECX and EBX with 0x61 - ASCII code of "A"...server will close itself...
it's hard to write shellcode - if you want - write it yourself...
//kyprizel mailto:[email protected]
