Tutorial - Microsoft Terminal Server

Microsoft Terminal Server

Impact

A vulnerability in Microsoft's Windows NT Terminal Server could allow a remote attacker to execute arbitrary code.

Background

The Windows NT 4.0 Terminal Server Edition adds Windows based terminal support to the Windows NT Server. This facility provides terminal access to non Windows NT platforms.

The Problem

A buffer overflow in the code that handles the terminal server's login prompt could allow a remote attacker to execute arbitrary code without logging in. This could allow the attacker to access files (read, modify), or upload programs and run them.

Unpatched Windows NT 4.0 Terminal Server is affected by this vulnerability.

Resolution

Apply the patch referenced in
Microsoft Security Bulletin 00-087.

Where can I read more about this?

For more information, see Microsoft Security Bulletin 00-087 and the Frequently Asked Questions about this vulnerability.