The Microsoft Windows 2000 Telnet Service contains a denial-of-service vulnerability that allows remote attackers to disrupt the telnet service on affected servers.
The Microsoft Windows 2000 Telnet Service contains a vulnerability in the section of code that performs range checking on incoming telnet session requests. By sending a large sequence of characters, the delete character (ASCII 0x7F), and an additional sequence of characters, it is possible to crash the Telnet Service.
This vulnerability allows a remote attacker to crash the Telnet Service, resulting in a denial-of-service condition.
Apply a patch from your vendor
Microsoft has released a patch for this vulnerability; for further information, please consult the systems affected section below.
This document was written by Jeffrey P. Lanza and is based on information provided by Microsoft and the BindView Razor Team.
|Date First Published:||2001-09-18|
|Date Last Updated:||2001-09-18 23:27 UTC|