CVE Vulnerabilities

CVE-2005-1794

Published: Jun 01, 2005 | Modified: Mar 28, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.

Affected Software

Name Vendor Start Version End Version
Windows_terminal_services_using_rdp Microsoft 5.2 5.2
Remote_desktop_connection Microsoft 5.1.2600.2180 5.1.2600.2180

References