|Handle Leak in Telnet Service Causes a Denial-of-Service Vulnerability
Microsoft Knowledge Base Article: 300905 - A denial-of-service vulnerability exists in the Windows 2000 Telnet service because of a handle leak when a Telnet session is terminated in a certain way. By repeatedly starting sessions and then terminating them, an attacker could deplete
the supply of handles on the server to the point where it could no
longer perform useful work.
Interactive Performance of Telnet Server is Slow
Microsoft Knowledge Base Article: 244681 - When you use the Telnet client program to connect to a Telnet server running Microsoft Windows 2000 Server in VTNT terminal emulation mode, you may experience slow server performance.
Logon Command That Contains a Particular Malformation Causes an Access Violation in the Telnet Service
Microsoft Knowledge Base Article: 299553 - A denial-of-service vulnerability exists in the Windows 2000 Telnet service that is caused by the manner in which Telnet handles a logon command that contains a particular deformity. If an attacker entered such a command, it would cause the
Telnet service to stop working. The administrator could restore
normal service by restarting the Telnet session.
Predictable Named Pipes Could Enable Privilege Elevation with Telnet
Microsoft Knowledge Base Article: 287912 - Two privilege-elevation vulnerabilities exist in the Windows 2000 Telnet service that could enable an attacker to gain full control over an affected server, and enable the attacker to take any action on the
Program Running with Normal Privileges Can Terminate a Telnet Session
Microsoft Knowledge Base Article: 300908 - A denial-of-service vulnerability exists in the Windows 2000 Telnet service because even though the management console for the Telnet service requires administrative privileges, some of the underlying system calls do not.
In particular, a program that is running with normal privileges
could make system calls to terminate a Telnet session. If an
attacker had the ability to load and run a program on a Telnet
server, the attacker could terminate any Telnet session.
Removing Services for UNIX Version (SFU) 1.0 Also Removes Telnet Server Service
Microsoft Knowledge Base Article: 250879 - When you remove Services for UNIX Version 1.0, the Telnet Server service is also removed.
Telnet Service Allows Logging On to Domain Guest Account
Microsoft Knowledge Base Article: 300901
- An information-disclosure vulnerability exists in the Windows 2000 Telnet service that can make it easier for an attacker to exploit an incorrectly configured network. It would not give an attacker a way to do anything that the attacker
could not already do. In the worst case, the vulnerability could
assist an attacker in gaining access to a domain account.
Telnet Server Is Vulnerable to a Denial of Service Attack
Microsoft Knowledge Base Article: 307298 - When an AYT scanner sends a large number of 0xFFF6 (IAC followed by AYT - requests to a Windows 2000-based Telnet server, the server is vulnerable to a denial of service attack and a potential buffer overflow.
Telnet Session Hangs When You Open a GUI Program
Microsoft Knowledge Base Article: 232293 - If you open a program in a Telnet session that is connected to a server running Microsoft Windows 2000 Telnet Server, the session may stop responding (hang).
Windows 2000 Telnet Server Stops Responding After Binary Input
Microsoft Knowledge Base Article: 267843 - When a Windows 2000-based computer that is running the Telnet Server service receives a malformed stream of binary zeros as input from a Telnet client, the Telnet Server service may stop responding (hang).