MS02-018: Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS (319733) (intrusive check)

This script is Copyright (C) 2002-2017 Tenable Network Security, Inc.

Synopsis :

The remote service is prone to a denial of service attack.

Description :

By sending a long series of malformed data (such as 20200 NULL bytes)
to the remote Windows MSDTC service, it is possible for an attacker to
cause the associated MSDTC.EXE to use 100% of the available CPU and
exhaust kernel resources.

See also :

Solution :

Microsoft has reportedly included the fix in MS02-018.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 10939 ()

Bugtraq ID: 4006

CVE ID: CVE-2002-0224

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now