COMMAND

    MAS 200

SYSTEMS AFFECTED

    Sage Software's MAS 200

PROBLEM

    Sage Software's MAS 200 is an accounting platform which can be
    configured to permit remote access to server-side data over
    TCP/IP.  A host application listens for connections on the server,
    and all remote clients use a workstation app to interface with the
    host.

    A port scan showed that the MAS 200 host application listens for
    connections on port 10000:

        telnet x.x.x.x  port: 10000

        Connected...

        <enter>

        "The host does not support this application"

        <control + x> X 10    <enter>

        "The host has been disabled"...

        exit

        telnet x.x.x.x port: 10000

        Connected...

        <enter>

        "The host has been disabled"...

    Checking the status of the host app at the server console revealed
    it had indeed been switched to 'Disabled' status, and all access
    to the server from clients on the LAN and WAN sides through the
    client application had been suspended.

    Mike White tried the same process against ver 3.6 under NT4, which
    returned the message "The Host cannot run the specified program".
    A single CTRL+q, however, seems to disable the host.  Sending a
    CTRL+o will return extended host information, i.e., installation
    path, server memory, listening IP addresses, computer name and
    process owner.

    As a side note, he was able to kill the host process entirely by
    pressing any of the arrow keys while connected via telnet.  Any
    currently connected clients will continue to function, but no new
    connections can be made.

SOLUTION

    Nothing yet.
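
    A defender-side check for the keystrokes described above, as an
    added example that is not part of the original advisory: it flags
    client payloads sent to port 10000 that contain the CTRL+X, CTRL+Q
    or CTRL+O bytes or an arrow-key sequence.  The record format,
    function names and sample data are assumptions, as is the ANSI
    escape encoding of the arrow keys; the advisory does not say
    whether legitimate workstation traffic ever carries these bytes.

```python
"""Flag control-key input in client->server payloads bound for the MAS 200 host port."""
import re

HOST_PORT = 10000  # listening port reported in the advisory

# ASCII control bytes for the keystrokes the advisory names.
CONTROL_KEYS = {
    0x18: "CTRL+X",  # reported to disable the host when sent repeatedly
    0x11: "CTRL+Q",  # reported to disable the ver 3.6 host
    0x0F: "CTRL+O",  # reported to return extended host information
}
# Assumption: arrow keys arrive as ANSI/VT100 sequences (ESC [ A-D or ESC O A-D).
ARROW_RE = re.compile(rb"\x1b[\[O][ABCD]")


def classify_payload(dst_port, payload):
    """Return the sorted key names found in a payload sent to HOST_PORT."""
    if dst_port != HOST_PORT:
        return []
    found = {name for byte, name in CONTROL_KEYS.items() if byte in payload}
    if ARROW_RE.search(payload):
        found.add("ARROW")
    return sorted(found)


def scan(records):
    """records: iterable of (src_ip, dst_port, payload). Return a list of alerts."""
    alerts = []
    for src, port, payload in records:
        keys = classify_payload(port, payload)
        if keys:
            alerts.append((src, keys))
    return alerts


# Constructed sample records (not captured traffic); documentation address ranges.
SAMPLE = [
    ("192.0.2.10", 10000, b"\r\n"),                 # plain <enter>
    ("192.0.2.10", 10000, b"\x18" * 10 + b"\r\n"),  # CTRL+X ten times
    ("198.51.100.7", 10000, b"\x0f"),               # CTRL+O
    ("198.51.100.7", 10000, b"\x1b[A"),             # arrow key (assumed encoding)
    ("203.0.113.5", 23, b"\x18\x11"),               # other port, ignored
]

if __name__ == "__main__":
    for src, keys in scan(SAMPLE):
        print(f"ALERT {src} -> port {HOST_PORT}: {', '.join(keys)}")
```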