CVE-2000-0581
published 2000-06-30CVE-2000-0581: Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to…
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
23.77%
97.5th percentile
Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2000 | — | — |
| microsoft | windows_2000 | — | — |
| microsoft | windows_2000 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect a continuous stream of binary zero bytes (null bytes) sent to TCP port 23 (Telnet); this is the attack payload targeting the Windows 2000 Telnet Server. ↗
- →Monitor the Windows 2000 Telnet service (tlntsvr.exe) for repeated crashes and automatic restarts; repeated service restarts followed by service disablement are a strong indicator of active exploitation. ↗
- ·The impact of repeated exploitation is amplified when the Telnet service is configured with automatic restart enabled; once the restart threshold is exceeded the service is permanently disabled until manually re-enabled. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/1414http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630161841.4619A-100000%40fjord.fscinternet.comhttp://www.securityfocus.com/bid/1414http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630161841.4619A-100000%40fjord.fscinternet.com
2000-06-30
Published