COMMAND

    InterAccess

SYSTEMS AFFECTED

    Pragma InterAccess

PROBLEM

    nemesystm  of  the   DHC  (ADV-0119)  found   following.    Pragma
    InterAccess provides daemons like telnet, rexecd and rshd for  the
    Windows environment.  It is vulnerable to a denial of service.

    Pragma InterAccess  Release 4.0  Build 5  has been  tested and was
    vulnerable.  Prior versions are assumed to be vulnerable as well.

    Sending a burst of  characters with a length  of 15000 to port  23
    Interaccess will crash with:

        Telnet95 has caused an error to occur in telnet95.exe

    There is a perl script that exploits this.  It is in the  advisory
    that is available on the DHC site:

        http://www.emc2k.com/dhcorp/homebrew/pragma.zip

SOLUTION

    Install Pragma InterAccess Release 4.0 Build 6.