Security Home > Windows NT, 2000 & XP

Terminal Server Connection Request Flooding Vulnerability

Due to the way Windows TSE handles requests to open a new terminal connection a vulnerability exists that could pose a denial-of-service threat.

Issue

When a request to open a new terminal connection is received by a Terminal Server, the server undertakes a resource-intensive series of operations to prepare for the connection. It does this before authenticating the request. This would allow an attacker to mount a denial of service attack by levying a large number of bogus connection requests and consuming all memory on the Terminal Server.

This vulnerability could be exploited remotely if connection requests are not filtered. In extreme cases, the server could crash in the face of such an attack; in other cases, normal processing would return when the attack ceased.

Affected Products

  • Microsoft Windows NT Server 4.0, Terminal Server Edition

Download

Patch: ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40tse/hotfixes-postSP4/Flood-fix/

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: August 9, 1999

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<