Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Incorrectly executing commands of telnet servers #2687

Open
jerrytesting opened this issue Aug 8, 2021 · 0 comments
Open

Incorrectly executing commands of telnet servers #2687

jerrytesting opened this issue Aug 8, 2021 · 0 comments

Comments

@jerrytesting
Copy link

jerrytesting commented Aug 8, 2021

Telnet servers can execute many commands from clients like ls, help, write and append. For example, the ls command is able to show the contents of a certain directory in remote servers, and then servers reply executing results to clients.

However, telnet servers don't correctly handle all commands. This bug could be reproduced in the case of listing(i.e., ls) the content of a directory with many files. This bug appears as telnet servers put all responses in a fixed-length buffer in the implementation. Telnet servers only put messages into buffer but don't have a check whether successfully or not. Hence, when the buffer is full, it can lead to responses lost.

Remote attackers can write many long-name files in one directory until the buffer is full. Then when receiving requests from clients, servers cannot send any responses to clients. This bug may bring the denial of service to telnet servers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant