Overview
The Microsoft Windows 2000 Telnet Service contains a denial-of-service vulnerability that allows unprivileged local users to terminate existing telnet sessions.
Description
The Microsoft Windows 2000 Telnet Service contains a vulnerability that allows unprivileged local users to execute system calls that can terminate existing telnet sessions. Remote attackers who wish to exploit this vulnerability must first gain sufficient access to upload a program to the server and execute it. |
Impact
This vulnerability allows an unprivileged local user to terminate existing telnet sessions, resulting in a denial-of-service condition. |
Solution
Apply a patch from your vendor Microsoft has released a patch for this vulnerability; for further information, please consult the systems affected section below. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This document was written by Jeffrey P. Lanza and is based on information provided by Microsoft.
Other Information
| CVE IDs: | CVE-2001-0351 |
| Severity Metric: | 1.77 |
| Date Public: | 2001-06-07 |
| Date First Published: | 2001-09-18 |
| Date Last Updated: | 2001-09-18 23:27 UTC |
| Document Revision: | 11 |