Skip navigation
Menu
End-User Platforms>Windows 7/8

IP Address Spoofing Vulnerability in Microsoft Windows Terminal Services

Reported November 19, 2001, by Xato Network Security.

VERSIONS AFFECTED

 

  • Microsoft Windows XP

  • Microsoft Windows 2000

 

DESCRIPTION
A vulnerability exists in Microsoft Windows Terminal Services that might let a hacker cause both the Terminal Services Manager and the Windows Event Log to record a spoofed IP address for Terminal Services connections. This vulnerability stems from Windows Terminal Services use of the connecting client’s internal IP address. By using Network Address Translation (NAT), an attacker can fool Windows Terminal Services into thinking that the client is connecting from a different IP address.

 

VENDOR RESPONSE

The vendor, Microsoft, has acknowledged this vulnerability and will issue a fix as part of Windows 2000 Service Pack 3.

 

CREDIT
Discovered by Sozni of Xato Network Security.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019