Skip to main content

CVE-1999-0285: Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a

High
VulnerabilityCVE-1999-0285cve-1999-0285rcedenial of service
Published: Fri Jan 01 1999 (01/01/1999, 05:00:00 UTC)
Source: NVD
Vendor/Project: microsoft
Product: windows_nt

Description

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

AI-Powered Analysis

AILast updated: 06/29/2025, 05:10:36 UTC

Technical Analysis

CVE-1999-0285 is a high-severity denial of service (DoS) vulnerability affecting the Telnet service included in the Windows NT Resource Kit. The vulnerability arises when an attacker opens a Telnet connection to a target system and immediately closes it. This sequence triggers a condition that causes the Telnet service to crash or become unresponsive, effectively denying legitimate users access to Telnet services on the affected Windows NT system. The vulnerability does not require authentication or user interaction and can be exploited remotely over the network (AV:N). The attack complexity is low (AC:L), meaning it can be executed easily without specialized conditions. The CVSS vector indicates a critical impact on confidentiality, integrity, and availability (C:C/I:C/A:C), suggesting that the vulnerability could potentially be leveraged to disrupt system operations severely. However, there is no evidence of remote code execution (RCE) beyond the denial of service, and no patches are available for this vulnerability. The affected product is Windows NT, an older Microsoft operating system, which limits the scope of affected systems in modern environments. No known exploits have been observed in the wild, but the vulnerability remains a concern for legacy systems still running Windows NT with Telnet enabled.

Potential Impact

For European organizations, the primary impact of CVE-1999-0285 is the potential disruption of critical services relying on Telnet on Windows NT systems. Although Telnet is largely deprecated in favor of more secure protocols like SSH, some legacy industrial control systems, network devices, or specialized applications may still depend on Telnet and Windows NT. A successful DoS attack could lead to operational downtime, loss of remote management capabilities, and potential cascading effects on business continuity. Confidentiality and integrity impacts are theoretically high per the CVSS vector, but practically, the main concern is availability disruption. Organizations with legacy infrastructure in sectors such as manufacturing, utilities, or transportation in Europe could face operational risks if these systems are targeted. Given the age of the vulnerability and the obsolescence of Windows NT, the overall risk is mitigated by the rarity of such legacy deployments, but where present, the impact could be significant.

Mitigation Recommendations

Since no official patch is available for CVE-1999-0285, European organizations should focus on compensating controls to mitigate risk. First, disable Telnet services on Windows NT systems wherever possible and replace them with secure alternatives such as SSH. For legacy systems that cannot be upgraded or replaced, restrict network access to Telnet ports using firewalls or network segmentation to limit exposure only to trusted management networks. Implement intrusion detection or prevention systems (IDS/IPS) to monitor and block suspicious Telnet connection attempts, especially those that open and immediately close connections. Regularly audit and inventory legacy systems to identify any Windows NT hosts running Telnet and prioritize their upgrade or isolation. Additionally, establish robust incident response plans to quickly detect and respond to DoS attempts targeting these legacy services. Network-level rate limiting on Telnet ports can also reduce the risk of rapid connection attempts causing service disruption.

Need more detailed analysis?Get Pro

Threat ID: 682ca32bb6fd31d6ed7debd8

Added to database: 5/20/2025, 3:43:39 PM

Last enriched: 6/29/2025, 5:10:36 AM

Last updated: 7/30/2025, 5:18:01 PM

Views: 12

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats