Hi Josh, I was still able to telnet to the box after the scan, so I'd say the telnet service didn't crash.
Bilal -----Original Message----- From: Josh Zlatin-Amishav [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 20, 2005 3:53 PM To: Nasrallah, Bilal [CAR:1229:EXCH] Cc: [email protected] Subject: Re: Buffer Overflow Vulnerability On Wed, 20 Jul 2005, Bilal Nasrallah wrote: > Hi Folks, > I've run a scan on one of our devices and the report highlighted a > security hole in the telnet server (TCP port 23). It reported the > following: > "The Telnet server does not return an expected number of replies when > it receives a long sequence of 'Are You There' commands. This probably > means it overflows one of its internal buffers and crashes. It is > likely an attacker could abuse this bug to gain control over the > remote host's super user." However, the box didn't crash! Is it still > a high vulnerability? Hi Bilal, Did the telnet service crash though? When you send SYN packets to port 23 on the target machine do you receive SYN/ACK in return (you can test this with hping). -- - Josh > > Thanks, > > > Bilal Nasrallah > Network Management Engineering > Information Services > Nortel > ESN 393-3791 or (613) 763-3791 > Mailstop 04351M18 Ottawa, Ontario > Email: [EMAIL PROTECTED] > > -- - Josh GPG: 445F 7FB3 3D99 EE8C 99A4 4313 352D FFD4 02B2 C7F3 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
