Remote Desktop Protocol Vulnerability in Microsoft Terminal Server
CVE-2005-1794

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows Terminal Services Using Rdp
Remote Desktop Connection
Vendor
CVE Published:
1 June 2005

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 11%

Summary

A vulnerability exists in Microsoft Terminal Server's implementation of Remote Desktop Protocol (RDP) 5.2, where an RSA private key is improperly stored in the mstlsapi.dll file. This flaw allows remote attackers to spoof the public keys of legitimate servers, making it possible to conduct man-in-the-middle attacks. By exploiting this vulnerability, an attacker can impersonate a trusted server, potentially intercepting sensitive communications and compromising the security of affected systems.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2005-1794Scanner
Created by InitRoot

References

http://secunia.com/advisories/15605/
third-party-advisoryx_refsource_SECUNIA
http://www.oxid.it/downloads/rdp-gbu.pdf
x_refsource_MISC
http://www.securityfocus.com/bid/13818
vdb-entryx_refsource_BID

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.