NT Terminal Server Multiple Connection Request DoS Vulnerability

Windows NT 4.0 Terminal Server will start to create a Terminal Server connection immediately upon receiving a TCP connection on port 3389, even before authenticating the system or user making the request. Each connection instance requires about 1MB of memory. If enough requests are made concurrently to a server with low memory and no cap on simultaneous requests, the system will slow down to the point where it is unusable by legitimate users, and in some cases will crash and need to be rebooted.


 

Privacy Statement
Copyright 2010, SecurityFocus