cbcvebase.
CVE-2000-0581
published 2000-06-30

CVE-2000-0581: Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to…

PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
23.77%
97.5th percentile
Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash.

Affected

3 ranges
VendorProductVersion rangeFixed in
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000

Detection & IOCsextracted from sources · hover to see the quote

commandnc target.host 23 < /dev/zero
  • Detect a continuous stream of binary zero bytes (null bytes) sent to TCP port 23 (Telnet); this is the attack payload targeting the Windows 2000 Telnet Server.
  • Monitor the Windows 2000 Telnet service (tlntsvr.exe) for repeated crashes and automatic restarts; repeated service restarts followed by service disablement are a strong indicator of active exploitation.
  • ·The impact of repeated exploitation is amplified when the Telnet service is configured with automatic restart enabled; once the restart threshold is exceeded the service is permanently disabled until manually re-enabled.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.