header-logo
Suggest Exploit
vendor:
Windows 2000
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: Windows 2000
Affected Version From: Windows 2000
Affected Version To: Windows 2000
Patch Exists: NO
Related CWE: N/A
CPE: o:microsoft:windows_2000
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

Windows 2000 Denial of Service Vulnerability

Sending a stream of binary zeros to any one of a number of Windows 2000 ports can cause 100% CPU utilization. The ports that were found vulnerable include TCP ports 7, 9, 21, 23, 7778 and UDP ports 53, 67, 68, 135, 137, 500, 1812, 1813, 2535, 3456. This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as 'nc target.host 7 < /dev/zero' for the TCP variant or 'nc -u target.host 53 < /dev/zero' for the UDP variant.

Mitigation:

Disable the vulnerable ports or restrict access to them.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1415/info

Sending a stream of binary zeros to any one of a number of Windows 2000 ports can cause 100% CPU utilization. The ports that were found vulnerable include TCP ports 7, 9, 21, 23, 7778 and UDP ports 53, 67, 68, 135, 137, 500, 1812, 1813, 2535, 3456. 

This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc target.host 7 < /dev/zero" for the TCP variant or "nc -u target.host 53 < /dev/zero" for the UDP variant.

Navigation

Suggest Exploit

Services By CQR