Terminal Server Denial of Service Attack with Duplicated Objects Between Sessions

ID: Q229441

The information in this article applies to:

Microsoft Windows NT Server version 4.0, Terminal Server Edition

SYMPTOMS

A possible denial of service attack exists in Windows NT Server 4.0, Terminal Server Edition when objects containing session-specific information are duplicated between sessions.

CAUSE

Desktop and window station objects are system objects allocated by the object manager in global system memory and are accessible from all sessions. The problem occurs when a handle to a dekstop or window station is opened from one session and duplicated to a program running in another session.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT Server 4.0, Terminal Server Edition or the individual software update. For information on obtaining the latest service pack, please go to:

http://www.microsoft.com/windows/servicepacks/

Q152734 How to Obtain the Latest Windows NT Server 4.0 Service Pack

For information on obtaining the individual software update, contact Microsoft Product Support Services. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://www.microsoft.com/support/supportnet/overview/overview.asp

STATUS

Microsoft has confirmed this to be a problem in Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT Server 4.0, Terminal Server Edition Service Pack 4.

Additional query words:

Keywords :
Version : winnt:4.0
Platform : winnt
Issue type : kbbug