[19270] in bugtraq
RDP DOS any specifics?
daemon@ATHENA.MIT.EDU (krisk@kbeta.com)
Fri Feb 16 19:10:19 2001
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <MAEJINHNCANCFMEJGIPLKEKKCLAA.krisk@kbeta.com>
Date: Fri, 16 Feb 2001 15:19:26 -0600
Reply-To: krisk@kbeta.com
From: "krisk@kbeta.com" <krisk@KBETA.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In Reference to CVE:
CAN-2001-0014 : Remote Data Protocol (RDP) in Windows 2000 Terminal Service
does not properly handle certain malformed packets, which allows remote
attackers to cause a denial of service, aka the "Invalid RDP Data"
vulnerability.
and MS bulletins:
http://www.microsoft.com/technet/security/bulletin/ms01-006.asp
http://www.microsoft.com/technet/security/bulletin/fq01-006.asp
Does anyone know specifically what type of "malformed packets" are being
referred to, if a specific tool is being used to generate them, or any known
exploit
code for this? I haven't been able to locate any other specifics on this and
am especially curious to see how Citrix MetaFrame servers will respond to
the same type of data as well as coming up with some IDS updates to detect
it...
Thanks!
K
