DOS: Windows XP RDP Denial of Service
Microsoft RDP Server shipped with Windows XP is vulnerable to a denial of service attack. This attack does not require that the client be authenticated with the RDP server because the attack happens in the negotiation before the drawing of the login screen. This vulnerability is present in Microsoft RDP 4.0, 5.0 and 5.1. It affects Windows XP and Windows .NET Standard Server Beta 3.
Extended Description
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."
Affected Products
Microsoft windows_2000
Short Name
DOS:WINDOWS:MS-RDP-PATTERN-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
DOS
Keywords
CVE-2002-0864 Denial RDP Service Windows XP bid:5713 of
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/3389
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0