|
Family: Windows --> Category: infos
Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Acertains if the remote terminal service is vulnerable to MIM attacks
Detailed Explanation for this Vulnerability Test
Synopsis :
It may be possible to get access to the remote host.
Description :
The remote version of Remote Desktop Protocol Server (Terminal Service) is
vulnerable to a man in the middle attack.
A possible hacker may exploit this flaw to decrypt communications between client
and server and obtain sensitive information (passwords, ...).
Solution :
Force the use of SSL as a transport layer for this service.
See also :
http://www.oxid.it/downloads/rdp-gbu.pdf
http://www.nessus.org/u?c544b1fa
Threat Level:
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|