Winsock RSHD/NT DoS
Winsock RSHD/NT mishandles invalid port assignments to the stderr stream.
This enables remote attackers to launch a DoS attack.
Vulnerable systems:
Winsock RSHD/NT version 2.20.00
Whenever an rsh client connects to the daemon, it sends the port number to which the daemon will send all its informational data (stderr). When this port is an invalid one (a negative number for example), or a port below 1024, the product will consume a large amount of CPU time.
Vendor status:
Vendor was informed but no measures were taken.