Microsoft Terminal Server 4.0 Vulnerable to DoS Attack


Reported November 8, 2000 by CORE SDI

VERSIONS AFFECTED
  • Windows NT 4.0 Terminal Server  

DESCRIPTION

A buffer overflow in Windows NT 4.0 Terminal Server running SP6a and below has been identified to be remotely exploitable.  The overflow is present in the RegAPI.DLL that is called by MSGINA.DLL when a user attempts to login.

By entering a long username in the username edit box, a malicious user could cause the Terminal Server to crash.  When performed locally, this overflow could result in the execution of arbitrary commands.

VENDOR RESPONSE

Microsoft has released a security bulletin, MS00-0087 and a patch that is available from;

http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25565

CREDIT
Discovered by
CORE SDI

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish