CVE-2002-0256
Description
The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
Root cause
"The telnet service does not properly handle long strings during login attempts, leading to a denial of service."
Attack vector
A remote attacker can send a series of connections with long strings to the telnet port (23) of the Arescom NetDSL 1000 router. This flood of login failures eventually causes the telnet service to stop responding. The advisory notes that routing functions may continue to operate normally [ref_id=1].
Affected code
The vulnerability resides within the telnet daemon (telnetd) of the Arescom NetDSL 1000 router. The exploit code targets the telnet service, which listens on port 23 [ref_id=1].
What the fix does
The patch does not show any specific code changes. However, the advisory indicates that the vulnerability is resolved by updating the firmware. The exact mechanism of the fix is not detailed, but it is expected to address the improper handling of long strings during telnet login attempts.
Preconditions
- networkThe target device must be accessible over the network.
- configThe telnet service must be enabled on the router.
Reproduction
The provided reference includes C code that can be used to reproduce the denial of service by flooding the telnet service with long strings [ref_id=1].
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- www.iss.net/security_center/static/8123.phpnvdVendor Advisory
- www.securityfocus.com/bid/4067nvdVendor Advisory
- marc.infonvd
News mentions
0No linked articles in our index yet.