Microsoft Terminal Server
New (3.1.1)
Impact
A vulnerability in Microsoft Windows NT 4.0 Terminal
Server could allow a remote attacker to execute arbitrary
code.
Background
The Windows NT 4.0 Terminal Server Edition adds Windows
based terminal support to the Windows NT 4.0 Server. It
allows use of the Windows NT operating system from platforms
that otherwise could not run Windows NT, such as Win16,
Macintosh, and Unix.
The Problem
A buffer overflow in the code that handles the terminal
server's login prompt could allow a remote attacker to
execute arbitrary code without logging in. This could
allow the attacker to
read, modify, or delete files, or upload programs and
run them.
Windows NT 4.0 Terminal Server is affected by this
vulnerability, unless the patch has been applied.
Resolution
Apply the patch referenced in
Microsoft Security Bulletin 00-087. It is also a good
idea to filter TCP port 3389 at the firewall or router, such
that only connections from legitimate users will be
accepted.
Where can I read more about this?
For more information, see
Microsoft Security Bulletin 00-087 and the
Frequently Asked Questions about this vulnerability.