Denial of Service in Windows Terminal Services

Reported October 19, 2001, by Microsoft.


All systems running Microsoft Terminal Services, including:

  • Microsoft Windows 2000 Server

  • Microsoft Windows 2000 Advanced Server

  • Microsoft Windows 2000 Datacenter Server

  • Microsoft Windows NT 4.0 Terminal Server Edition


A vulnerability exists in WTS and Win2K RDP service that can result in a Denial of Service (DoS) attack. The attack results from a problem in the service that doesn't properly handle a particular series of data packets. To cause the service to fail, an attacker wouldn't have to connect to the service but only send this series of data packets to the port on which RDP was listening.



The vendor, Microsoft, has released security bulletin MS01-052 to address this vulnerability and recommends that affected users apply the patch at listed URL. Win2K Datacenter patches are hardware specific and will be available from the OEM when they are ready.


Discovered by Luciano Martins of Deloitte & Touche Argentina.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.