CVE-2001-0348
Microsoft Windows 2000 - Denial of Service via Long Telnet Logon Command with Backspace
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0348. PoCs published by Michal Zalewski.
AI-analyzed exploit summary This exploit targets a denial of service vulnerability in the telnet service by sending a large input buffer followed by additional characters, causing the service to stop responding.
Description
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Michal Zalewski · bashdoswindows
https://www.exploit-db.com/exploits/20907
This exploit targets a denial of service vulnerability in the telnet service by sending a large input buffer followed by additional characters, causing the service to stop responding.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
telnet service (version not specified)
No auth needed
Prerequisites:
network access to the target telnet service
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031
Third Party Advisory, US Government Resource third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/l-092.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6666
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2838
Various Sources vendor-advisory
x_refsource_bindview
http://razor.bindview.com/publish/advisories/adv_mstelnet.html
Scores
EPSS
0.1718
EPSS Percentile
96.7%
Details
Status
published
Products (1)
microsoft/windows_2000
Published
Jul 21, 2001
Tracked Since
Feb 18, 2026