 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.11146 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Microsoft RDP flaws could allow sniffing and DOS (Q324380) |
| Zusammenfassung: | Remote Data Protocol (RDP) version 5.0 in Microsoft; Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session; data, which could allow a remote attacker to determine the contents of encrypted sessions; via sniffing, and Remote Data Protocol (RDP) version 5.1 in Windows XP allows remote; attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU; Confirm Active data packet that does not set the Pattern BLT command. |
| Beschreibung: | Summary: Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, and Remote Data Protocol (RDP) version 5.1 in Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command. Vulnerability Impact: Two vulnerabilities: information disclosure, denial of service. Affected Software/OS: - Microsoft Windows 2000 - Microsoft Windows XP Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2002-0863 BugTraq ID: 5711 http://www.securityfocus.com/bid/5711 BugTraq ID: 5712 http://www.securityfocus.com/bid/5712 Bugtraq: 20020916 Microsoft Windows Remote Desktop Protocol checksum and keystroke vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=103235960119404&w=2 Bugtraq: 20020918 Microsoft Windows Terminal Services vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=103236181522253&w=2 CERT/CC vulnerability note: VU#865833 http://www.kb.cert.org/vuls/id/865833 Microsoft Security Bulletin: MS02-051 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A199 http://www.iss.net/security_center/static/10121.php http://www.iss.net/security_center/static/10122.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0864 BugTraq ID: 5713 http://www.securityfocus.com/bid/5713 Bugtraq: 20020916 Microsoft Windows XP Remote Desktop denial of service vulnerability (Google Search) http://marc.info/?l=bugtraq&m=103235745116592&w=2 http://www.iss.net/security_center/static/10120.php |
| Copyright | Copyright (C) 2002 SECNAP Network Security, LLC |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |