CVE-2002-0597

Microsoft Windows 2000 - Denial of Service via Malformed Data to Microsoft-DS Port

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0597. PoCs published by ch0wn, Daniel Nystrom.

AI-analyzed exploit summary The provided text describes a denial-of-service (DoS) vulnerability in Windows 2000's Lanman service, triggered by sending malformed data to port 445, leading to high CPU and kernel memory usage. No actual exploit code is included, only a reference to a GitLab link for a binary exploit.

Description

LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445.

Exploits (2)

exploitdb WRITEUP VERIFIED
by ch0wn · textdoswindows
https://www.exploit-db.com/exploits/21389

The provided text describes a denial-of-service (DoS) vulnerability in Windows 2000's Lanman service, triggered by sending malformed data to port 445, leading to high CPU and kernel memory usage. No actual exploit code is included, only a reference to a GitLab link for a binary exploit.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Windows 2000 Lanman service
No auth needed
Prerequisites: Network access to port 445 on a vulnerable Windows 2000 system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Daniel Nystrom · cdoswindows
https://www.exploit-db.com/exploits/21388

This exploit sends a large number of NULL byte strings to port 445 (Microsoft DS) on a Windows 2000 target, causing high CPU and memory usage in the Lanman service, leading to a denial of service (DoS). It supports both TCP and UDP protocols for the attack.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Windows 2000 (Lanman service on port 445)
No auth needed
Prerequisites: Network access to the target's port 445 (TCP/UDP)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/693099
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5179
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8867.php
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4532
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0025.html
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/268066
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ320751

Scores

EPSS 0.5150
EPSS Percentile 98.8%

Details

Status published
Products (1)
microsoft/windows_2000 (3 CPE variants)
Published Jun 18, 2002
Tracked Since Feb 18, 2026