Re: Local / Remote D.o.S Attack in InterAccess TelnetD Server Rel ease 4.0 *ALL BUILDS* for WinNT Vulnerability

[JLicquia () SPRINGFIELDCLINIC COM (Licquia, Jeff)]

Tested on NTW 4.0 SP4 w/ InterAccess TelnetD 4.0 Build 8 for NT, evaluation
version.  No effect.

I will note that Build 8 was released on February 25 (today).  The online
release notes, as well as the README.TXT in the TelnetD subdirectory,
contain these lines:

------------- Release 4.0 Build 8 Start ----------------------------------

- FIX: Denial of Service vulnerability issue

------------- Release 4.0 Build 8 End  ----------------------------------

No mention, however, is made of this problem on any other page I could find
on their Web site: no advisories, recommendations, or whatever.
Additionally, I could not find any mention of USSR Labs anywhere on their
site for attribution.  They do apparently allow licensed users of TelnetD
4.0 to download updated versions (but not versions 3.0 or earlier, as far as
I can tell).

Draw your own conclusions.