|
|
|
|
|
|
|
| |
KpyM Telnet Server DoS |
|
| This script is Copyright (C) 2004-2009 Tenable Network Security, Inc. |
|
|
| Family | Windows |
| Nessus Plugin ID | 11983 (kpym_telnet_overflow.nasl) |
| Bugtraq ID | 9379
|
| CVE ID |
|
|
| Description: |
Synopsis :
The remote telnet server is prone to a denial of service attack.
Description :
The remote host is running KpyM Telnet Server, a Telnet server for
Windows.
According to its banner, the installed version of KpyM is older than
1.06. Such versions mark a connection as free before all components,
such as sockets and threads, are shut down. By flooding the service
with connections, an attacker can cause the service to crash.
See also :
http://norpius.altervista.org/kpymen.htm
Solution :
Upgrade to version 1.06 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
|
|
|
|
|
|
