Microsoft Windows Remote Desktop Protocol Server Key Verification Vulnerability

Bugtraq ID: 7258
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Apr 02 2003 12:00AM
Updated: Apr 02 2003 12:00AM
Credit: Discovery is credited to Erik Forsberg <forsberg+btq@cendio.se>.
Vulnerable: Microsoft RDP 5.2
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
Microsoft RDP 5.1
+ Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP Home SP1
 + Microsoft Windows XP Home SP1
 + Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional SP1
 + Microsoft Windows XP Professional SP1
 + Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
Microsoft RDP 5.0
+ Microsoft Windows 2000 Advanced Server SP3
 + Microsoft Windows 2000 Advanced Server SP3
 + Microsoft Windows 2000 Advanced Server SP2
 + Microsoft Windows 2000 Advanced Server SP2
 + Microsoft Windows 2000 Advanced Server SP1
 + Microsoft Windows 2000 Advanced Server SP1
 + Microsoft Windows 2000 Advanced Server
+ Microsoft Windows 2000 Advanced Server
+ Microsoft Windows 2000 Datacenter Server SP3
 + Microsoft Windows 2000 Datacenter Server SP3
 + Microsoft Windows 2000 Datacenter Server SP2
 + Microsoft Windows 2000 Datacenter Server SP2
 + Microsoft Windows 2000 Datacenter Server SP1
 + Microsoft Windows 2000 Datacenter Server SP1
 + Microsoft Windows 2000 Datacenter Server
+ Microsoft Windows 2000 Datacenter Server
+ Microsoft Windows 2000 Professional SP3
 + Microsoft Windows 2000 Professional SP3
 + Microsoft Windows 2000 Professional SP2
 + Microsoft Windows 2000 Professional SP2
 + Microsoft Windows 2000 Professional SP1
 + Microsoft Windows 2000 Professional SP1
 + Microsoft Windows 2000 Professional
+ Microsoft Windows 2000 Professional
+ Microsoft Windows 2000 Server SP3
 + Microsoft Windows 2000 Server SP3
 + Microsoft Windows 2000 Server SP2
 + Microsoft Windows 2000 Server SP2
 + Microsoft Windows 2000 Server SP1
 + Microsoft Windows 2000 Server SP1
 + Microsoft Windows 2000 Server
+ Microsoft Windows 2000 Server
+ Microsoft Windows 2000 Terminal Services SP3
 + Microsoft Windows 2000 Terminal Services SP3
 + Microsoft Windows 2000 Terminal Services SP2
 + Microsoft Windows 2000 Terminal Services SP2
 + Microsoft Windows 2000 Terminal Services SP1
 + Microsoft Windows 2000 Terminal Services SP1
 + Microsoft Windows 2000 Terminal Services
+ Microsoft Windows 2000 Terminal Services
Microsoft RDP 4.0
+ Microsoft Windows NT Terminal Server 4.0 SP6a
 + Microsoft Windows NT Terminal Server 4.0 SP6
 + Microsoft Windows NT Terminal Server 4.0 SP6
 + Microsoft Windows NT Terminal Server 4.0 SP5
 + Microsoft Windows NT Terminal Server 4.0 SP5
 + Microsoft Windows NT Terminal Server 4.0 SP4
 + Microsoft Windows NT Terminal Server 4.0 SP4
 + Microsoft Windows NT Terminal Server 4.0 SP3
 + Microsoft Windows NT Terminal Server 4.0 SP3
 + Microsoft Windows NT Terminal Server 4.0 SP2
 + Microsoft Windows NT Terminal Server 4.0 SP2
 + Microsoft Windows NT Terminal Server 4.0 SP1
 + Microsoft Windows NT Terminal Server 4.0 SP1
 + Microsoft Windows NT Terminal Server 4.0
 + Microsoft Windows NT Terminal Server 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus