MS02-018: Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS (319733) (intrusive check)

High Nessus Plugin ID 10939


The remote service is prone to a denial of service attack.


By sending a long series of malformed data (such as 20200 NULL bytes) to the remote Windows MSDTC service, it is possible for an attacker to cause the associated MSDTC.EXE to use 100% of the available CPU and exhaust kernel resources.


Microsoft has reportedly included the fix in MS02-018.

See Also

Plugin Details

Severity: High

ID: 10939

File Name: msdtc_dos.nasl

Version: $Revision: 1.31 $

Type: remote

Agent: windows

Family: Windows

Published: 2002/04/20

Modified: 2017/08/30

Dependencies: 17975

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:internet_information_server, cpe:/a:microsoft:sql_server

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2002/01/31

Reference Information

CVE: CVE-2002-0224

BID: 4006

OSVDB: 13434

MSFT: MS02-018

MSKB: 319733