InterAccess TelnetD Server 4.0 Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

InterAccess TelnetD Server 4.0 Buffer Overflow Vulnerability

The Pragma Systems InterAccess TelnetID Server 4.0 (Build 4) has an unchecked buffer in the code that handles login commands. Arbitrary code is capable of being executed on the InterAccess TelnetD Server if a string of over 300 characters is used as a login name.