Microsoft Windows Remote Desktop Protocol (RDP) DoS Vulnerability

[Brad]

  * Technical Description *

A vulnerability was identified in Microsoft Windows, which could be exploited by remote attackers to cause a denial of service. This flaw is due to an unspecified error in Terminal Services and Remote Desktop Services that do not properly handle specially crafted requests (port 3389), which could be exploited by attackers to cause a denial of service.

 * Affected Products *

Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition

 * Solution *

Block TCP port 3389 at the firewall.

No official supplied patch for this issue.

 * References *

http://www.frsirt.com/english/advisories/2005/1113
http://www.microsoft.com/technet/security/advisory/904797.mspx