BFTelnet Username Handling Remote Overflow DoS

Critical Nessus Plugin ID 10026


The remote telnet server has a remote buffer overflow vulnerability.


It was possibly to crash the remote telnet server by sending a very long user name. A remote attacker could exploit this to crash the server, or possibly execute arbitrary code.


Upgrade to the latest version of this telnet server.

Plugin Details

Severity: Critical

ID: 10026

File Name: bftelnet.nasl

Version: $Revision: 1.32 $

Type: remote

Agent: windows

Family: Windows

Published: 1999/11/04

Modified: 2017/10/25

Dependencies: 10281, 11936

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1999/11/03

Reference Information

CVE: CVE-1999-0904

BID: 771

OSVDB: 1136

EDB-ID: 19596