GAMSoft Telsrv DoS Vulnerability

GAMSoft Telsrv telnet server is prone to a trivial denial-of-service attack. If a malicious user were to connect to port 23 and supply a username of approximately 4550 characters, the telnet application would crash. Restarting the service is required to regain normal functionality.

In some cases, Telsrv will return an error message that contains a valid username and password in plain-text format. This can be used to gain unauthorized access to the telnet server.


 

Privacy Statement
Copyright 2010, SecurityFocus