Penetration Testing mailing list archives
[PEN-TEST] RDP DOS
From: "krisk () kbeta com" <krisk () kbeta com>
Date: Fri, 16 Feb 2001 14:57:20 -0600
In Reference to CVE: CAN-2001-0014 : Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. and MS bulletins: http://www.microsoft.com/technet/security/bulletin/ms01-006.asp http://www.microsoft.com/technet/security/bulletin/fq01-006.asp Does anyone know specifically what type of "malformed packets" are being referred to, the tools commonly used to generate them, or any known exploit code for this? I haven't been able to locate any other specifics on this and am especially curious to see how Citrix MetaFrame servers will respond to the same data as well as coming up with some IDS updates to detect it... Thanks! K
Current thread:
- [PEN-TEST] RDP DOS krisk () kbeta com (Feb 16)