ID CVE-2005-1794
Summary Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:remote_desktop_connection:5.1.2600.2180:*:windows_xp:*:*:*:*:*
  • cpe:2.3:a:microsoft:windows_terminal_services_using_rdp:5.2:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 28-03-2018 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
oval via4
accepted 2015-08-10T04:00:13.643-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Symantec Corporation
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows XP is installed
    oval oval:org.mitre.oval:def:105
  • comment Microsoft Windows Server 2003 is installed
    oval oval:org.mitre.oval:def:128
description Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.
family windows
id oval:org.mitre.oval:def:12441
status accepted
submitted 2011-06-28T13:00:00
title Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability
version 47
refmap via4
bid 13818
misc
secunia 15605
Last major update 28-03-2018 - 01:29
Published 01-06-2005 - 04:00
Last modified 28-03-2018 - 01:29