header-logo
Suggest Exploit
vendor:
Windows 2000 Server
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
399
CWE
Product Name: Windows 2000 Server
Affected Version From: Microsoft Windows 2000 Server
Affected Version To: Microsoft Windows 2000 Server
Patch Exists: N/A
Related CWE: N/A
CPE: o:microsoft:windows_2000_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

Microsoft Windows 2000 Server Telnet Server Denial of Service Vulnerability

Microsoft Windows 2000 Server comes with a telnet server to provide remote console access. A remote attacker can send a stream of binary zeros to the server, causing it to fail. If automatic restart is enabled, numerous attacks will cause the telnet server to restart until the maximum failure/restart count is exceeded, at which point the service is disabled. An attacker can exploit this issue using netcat under Linux: nc target.host 23 < /dev/zero

Mitigation:

Disable the telnet service if it is not needed. If it is needed, ensure that automatic restart is disabled.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1414/info

Microsoft Windows 2000 Server comes with a telnet server to provide remote console access. A remote attacker can send a stream of binary zeros to the server, causing it to fail. If automatic restart is enabled, numerous attacks will cause the telnet server to restart until the maximum failure/restart count is exceeded, at which point the service is disabled. 

An attacker can exploit this issue using netcat under Linux:

nc target.host 23 < /dev/zero

Navigation

Suggest Exploit

Services By CQR