Microsoft Windows 2000/NT Terminal Server RDP拒绝服务漏洞

漏洞信息详情

Microsoft Windows 2000/NT Terminal Server RDP拒绝服务漏洞

• CNNVD编号：CNNVD-200112-048
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2001-0663
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2001-12-06
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Discovered by Luci…

Windows NT和Windows 2000的Terminal Server存在漏洞。远程攻击者可以借助无效Remote Desktop Protocol (RDP)数据包的一个序列导致服务拒绝。

Users of Windows 2000 Datacenter Server should contact their equipment manufacturer for details on obtaining patches.
Users that installed the original patches may have experienced Terminal Service functionality issues. Microsoft has re-released the following patches which rectify this issue. These patches were re-released on October 22nd, 2001.
Microsoft found that the patch released on October 22nd, 2001 was affected by a denial of service vulnerability. Microsoft has updated the patch.
Microsoft RDP 4.0

• Microsoft Q307454This patch addresses RDP 4.0 included with Windows NT 4.0 Terminal Server.
  
  http://download.microsoft.com/download/winntsp/Patch/q307454/NT4/EN-US
  /Q307454i.exe

Microsoft RDP 5.0

• Microsoft Q307454This patch addresses RDP 5.0 included with Windows 2000.
  
  http://download.microsoft.com/download/win2000platform/Patch/q307454/N
  T5/EN-US/Q307454_W2K_SP3_x86_en.exe

来源: MS
名称: MS01-052
链接:http://www.microsoft.com/technet/security/bulletin/ms01-052.asp

来源: XF
名称: win-rdp-packet-dos(7302)
链接:http://xforce.iss.net/static/7302.php

来源: BID
名称: 3445
链接:http://www.securityfocus.com/bid/3445