Several Windows 2000 Services Subject to DoS

Reported June 30 by Max Degtyar, Mike Murray, and Richard Reiner of SecureXpert Labs



Windows 2000 can be made to use 100% of CPU cycles by sending a stream of zeros to any of several listening ports, including the TCP service ports for echo, discard, FTP, and Telnet, as well as the UDP service ports for DNS, NetBIOS, and many others.


Test the bug by using a tool such as netcat along with an input of /dev/zero. For example, the following netcat command will perform an attack against UDP port 53:

nc  -u  53  <  /dev/zero
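To recognise this traffic pattern in packet data, the following added example (not part of the original report) flags sources that send a long uninterrupted run of zero bytes to the ports the report names. The port numbers are the standard assignments for those services; the function names, the 4096-byte threshold, and the sample packets are assumptions constructed for illustration.

```python
from collections import defaultdict

# Ports named in the report, by standard number (the report also says "many others").
WATCHED = {
    ("tcp", 7): "echo", ("tcp", 9): "discard", ("tcp", 21): "ftp",
    ("tcp", 23): "telnet", ("udp", 53): "dns",
    ("udp", 137): "netbios-ns", ("udp", 138): "netbios-dgm",
}

def find_zero_streams(packets, min_run_bytes=4096):
    """Return {(src, proto, dport): longest_zero_run} for flows whose
    uninterrupted run of 0x00 payload bytes reaches min_run_bytes.

    packets: iterable of (src_ip, proto, dst_port, payload_bytes) in capture order.
    min_run_bytes is an assumed threshold; tune it to local traffic.
    """
    run = defaultdict(int)      # current contiguous zero-byte run per flow
    longest = defaultdict(int)  # longest zero-byte run seen per flow
    for src, proto, dport, payload in packets:
        key = (src, proto.lower(), dport)
        if (key[1], dport) not in WATCHED or not payload:
            continue
        if payload.count(0) == len(payload):
            run[key] += len(payload)
            longest[key] = max(longest[key], run[key])
        else:
            run[key] = 0  # real protocol data breaks the run
    return {k: v for k, v in longest.items() if v >= min_run_bytes}

def sample_capture():
    """Constructed packets (documentation addresses), not real traffic."""
    pkts = [("192.0.2.10", "udp", 53, b"\x00" * 1024) for _ in range(8)]
    # Ordinary DNS query: contains zero bytes but is not all-zero.
    pkts.append(("198.51.100.7", "udp", 53,
                 b"\x12\x34\x01\x00\x00\x01" + b"\x00" * 6 + b"\x03www\x00\x00\x01\x00\x01"))
    # Zero run interrupted by telnet data, so it stays under the threshold.
    pkts += [("198.51.100.8", "tcp", 23, b"\x00" * 2048),
             ("198.51.100.8", "tcp", 23, b"login\r\n"),
             ("198.51.100.8", "tcp", 23, b"\x00" * 2048)]
    # Zeros to a port outside the watch list are ignored by this check.
    pkts.append(("192.0.2.10", "tcp", 8080, b"\x00" * 8192))
    return pkts

if __name__ == "__main__":
    for (src, proto, dport), n in find_zero_streams(sample_capture()).items():
        print(f"{src} -> {proto}/{dport} ({WATCHED[(proto, dport)]}): {n} zero bytes")
```
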


On July 14th we received an official response from Microsoft's Security Response Center, quoted below:

The Microsoft Security Response Center has worked extensively with SecureXpert to investigate their report. However, we have not been able to cause a machine to respond as their report describes. We have asked SecureXpert for additional information, and will continue our investigation when we receive it.

We'll update this report upon the receipt of further information.

