This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
DOS:WINDOWS:MS-RDP-PATTERN-DOS
|
Severity |
Minor
|
Recommended |
No
|
Category |
DOS
|
Keywords |
Windows XP RDP Denial of Service
|
Release Date |
2003/04/22
|
Update Number |
1213
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
DOS: Windows XP RDP Denial of Service
Microsoft RDP Server shipped with Windows XP is vulnerable to a denial of service attack. This attack does not require that the client be authenticated with the RDP server because the attack happens in the negotiation before the drawing of the login screen. This vulnerability is present in Microsoft RDP 4.0, 5.0 and 5.1. It affects Windows XP and Windows .NET Standard Server Beta 3.
Extended Description
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."
Affected Products
- Microsoft .net_windows_server beta3
- Microsoft .net_windows_server beta3 (:standard)
- Microsoft windows_2000 (:advanced_server)
- Microsoft windows_2000 (:datacenter_server)
- Microsoft windows_2000 (:professional)
- Microsoft windows_2000 (:server)
- Microsoft windows_2000 (sp1)
- Microsoft windows_2000 (sp1:advanced_server)
- Microsoft windows_2000 (sp1:datacenter_server)
- Microsoft windows_2000 (sp1:professional)
- Microsoft windows_2000 (sp1:server)
- Microsoft windows_2000 (sp2)
- Microsoft windows_2000 (sp2:advanced_server)
- Microsoft windows_2000 (sp2:datacenter_server)
- Microsoft windows_2000 (sp2:professional)
- Microsoft windows_2000 (sp2:server)
- Microsoft windows_2000 (sp3)
- Microsoft windows_2000 (sp3:advanced_server)
- Microsoft windows_2000 (sp3:datacenter_server)
- Microsoft windows_2000 (sp3:professional)
- Microsoft windows_2000 (sp3:server)
- Microsoft windows_2000_terminal_services (sp1)
- Microsoft windows_2000_terminal_services (sp2)
- Microsoft windows_2000_terminal_services (sp3)
- Microsoft windows_xp (:64-bit)
- Microsoft windows_xp (gold)
- Microsoft windows_xp (gold:professional)
- Microsoft windows_xp (:home)
- Microsoft windows_xp (sp1)
- Microsoft windows_xp (sp1:64-bit)
- Microsoft windows_xp (sp1:home)
References