Signature Detail

HTTP: Microsoft Telnet Protocol Handler Insecure Loading1

This signature detects attempts to exploit a known remote code execution vulnerability in the Microsoft telnet.exe service. It is due to a design weakness in the way telnet protocol handler is implemented. Remote attackers can exploit this by enticing target users to download a malicious dll file. A successful attack can result in loading the attacker-controlled library and execution of arbitrary code with the privileges of the logged-in user. If a user is logged-on with administrative user rights, an attacker can take complete control of the affected system.