Rapid7 VulnDB

MS99-028: Terminal Server Connection Request Flooding Vulnerability


Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published: 08/09/1999
Created: 07/25/2018
Added: 11/30/2004
Modified: 07/30/2012

Description

Your system may require one or more security patches or hotfixes from Microsoft.

When a request to open a new terminal connection is received by a Terminal Server, the server undertakes a resource-intensive series of operations to prepare for the connection. It does this before authenticating the request. This would allow an attacker to mount a denial of service attack by levying a large number of bogus connection requests and consuming all memory on the Terminal Server. This vulnerability could be exploited remotely if connection requests are not filtered. In extreme cases, the server could crash in the face of such an attack; in other cases, normal processing would return when the attack ceased. The patch works by causing the server to require authentication before processing the connection reques

Solution(s)

  • install-microsoft-patch-d2f6eb0b0413c5a0316e313daa59b504

