CVE-2005-1794

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows Terminal Services Using Rdp
Remote Desktop Connection
Vendor
CVE Published:
1 June 2005

Badges

👾 Exploit Exists🟡 Public PoC

Summary

Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2005-1794Scanner
Created by InitRoot

References

http://secunia.com/advisories/15605/
third-party-advisoryx_refsource_SECUNIA
http://www.oxid.it/downloads/rdp-gbu.pdf
x_refsource_MISC
http://www.securityfocus.com/bid/13818
vdb-entryx_refsource_BID

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.