Security: Microsoft Remote Desktop on Windows XP Lets Remote Authenticated Users Restart the System

From SecurityTracker:

Microsoft Remote Desktop on Windows XP Lets Remote Authenticated Users Restart the System
SecurityTracker Alert ID: 1011940
SecurityTracker URL: http://securitytracker.com/id?1011940
CVE Reference: GENERIC-MAP-NOMATCH
Date: Oct 26 2004
Impact: Denial of service via network
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
Version(s): prior to SP2
Description: A vulnerability was reported in Microsoft Remote Desktop on Windows XP. A remote authenticated user can restart the system.

In August 2004, Microsoft reported that a remote authenticated user can access the target system and issue the Tsshutdn command to restart a Windows XP-based system.
Impact: A remote authenticated user can cause the system to restart.
Solution: The vendor has issued a fix as part of Windows XP SP2. The knowledge base article describing this issue is available at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;838202
Vendor URL: support.microsoft.com/default.aspx?scid=kb;en-us;838202
Cause: Access control error
Underlying OS: Windows (XP)
Reported By: “G. Dell’Abate”
Message History: None.

I don’t know if I would consider this a security vulnerability or not as XP is limited to a single interactive user and that logging in remotely will knock off the console user… Perhaps if someone is using the WinConnect XP hack to make XP act like a Terminal Server…
