Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SX-20000620-1

🗓️ 07 Jul 2000 00:00:00Reported by securexpert.comType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

Denial of Service vulnerability in Microsoft Windows 2000 Telnet Server can be exploited remotely.

Code
`FSC Internet / SecureXpert Labs  
  
SecureXpert Labs Advisory [SX-20000620-1] - Denial of Service  
vulnerability in Microsoft Windows 2000 Telnet Server  
  
Summary  
  
Microsoft Windows 2000 Server is supplied with a Telnet server for remote  
console access. A Denial of Service vulnerability exists in this server which  
may be exploited by a local or remote attacker.  
  
Details  
  
A remote user can cause the telnet server to stop responding to requests by  
sending a stream of binary zeros to the telnet server. This can easily be  
reproduced from a Linux system using netcat with an input of /dev/zero,  
with a command such as "nc target.host 23 < /dev/zero". The Windows  
2000 Telnet Server stops responding to requests after a few seconds. If  
the Telnet Server is set to restart upon failure, it will restart and  
immediately fail. This will occur repeatedly until the Telnet Server exceeds  
its restart count, at which point the service remains down.  
  
Status  
  
Microsoft Corp. has been informed of this vulnerability, and has assigned it  
incident ID# [MSRC 290]. As of Tuesday June 2000, Microsoft has successfully  
reproduced the vulnerability and SecureXpert Labs staff are working with Microsoft  
to prepare a fix.  
  
Credits  
  
Mike Murray, SecureXpert Labs  
Max Degtyar, SecureXpert Labs  
Richard Reiner, SecureXpert Labs  
  
About SecureXpert DIRECT  
  
SecureXpert DIRECT is an advance security advisory service provided by  
SecureXpert Labs. Subscriptions are free of charge and may be obtained  
online at http://www.securexpert.com/services.html.  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Jul 2000 00:00Current
7.4High risk
Vulners AI Score7.4
denial of service vulnerabilitymicrosoft windows 2000telnet server exploitremote attackersecurexpert labs.
27