|
Family: CGI abuses --> Category: infos
Terminal Services Web Detection Vulnerability Scan
Vulnerability Scan Summary Find instances of tsweb
Detailed Explanation for this Vulnerability Test
Synopsis :
Terminal Services Client ActiveX is available.
Description :
The remote host appears to be configured to facilitate the client
download of an ActiveX Terminal Services Client. So, users can access the
web page and click a 'connect' button which will prompt a client-side download
of a .cab file which will be used to connect the client directly to a
terminal services server using Remote Desktop Protocol -- RDP. Of course,
you will want to manually inspect this page for possible information regarding
systems offering RDP access, system information, IP addressing information, etc.
Solution :
password protect access to the 'tsweb' resource.
Threat Level:
None / CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|