443 bytes is all it takes to remotely DoS RDP installations

http://1.bp.blogspot.com/-Xyfuzy7D_UU/T2YNdT8b-2I/AAAAAAAAADM/gXl7X3IfYOM/s1600/

stratsec security researcher Sergei Shevchenko, has put together an indepth blog posting on the MS12-020 RDP vulnerability, showing that a mere 443 byte payload is all it would take to crash remote installations with a Blue Screen of Death. 

Shevchenko compared the updated system files including Rdpcore.dll and RdpWD.sys to determine the exact code changes made and found modifications of the function HandleAttachUserReq(). Using this information, he went on to construct a 443 byte payload using the original packet crash provided by Luigi Auriemma.  

Read more: 443 bytes is all it takes to remotely DoS RDP installations

Story added 19. March 2012, content source with full text you can find at link above.