VID 21301
Severity 20
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The Terminal Service Web Connection is running on the target Web server, which allows anonymous users to connect to a Terminal Services server.
The Terminal Service Web Connection (Remote Desktop Web Connection) is a Win32-based ActiveX control (COM object) that can be used to run Terminal Services sessions within Internet Explorer.
It provides nearly the same functionality as the full Terminal Services Client, but is designed to deliver this functionality over the Web. Users open the web page and click a 'connect' button to connect to a Terminal Services server. The control is downloaded to the user's local system unless it already exists there, and is then used to connect directly to a Terminal Services server over the RDP (Remote Desktop Protocol) TCP port 3389.

* Note: This check relies solely on whether the Terminal Service Web Connection is running on the remote web server to assess this vulnerability, so it may be a false positive.

* References:
http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/tsac.asp
http://www.microsoft.com/windows2000/techinfo/administration/terminal/tsacfaq.asp

* Platforms Affected:
Windows Any version
Recommendation If it is not needed, remove the Terminal Service Web Connection. If it is used, apply an appropriate ACL to restrict anonymous access to the Terminal Service Web Connection resources.

For example, you can restrict anonymous access to the Terminal Service Web Connection page on the IIS web server as follows:

1. From the 'Control Panel', select 'Administrative Tools' and then 'Internet Service Manager'.
2. Under your web site, select the Terminal Service Web Connection page ('default.htm') in the Terminal Service Web Connection folder ('TSWeb').
3. Open the 'Properties' of this page, select the 'File Security' tab, and click the <Edit> button in the 'Anonymous Access and Authentication Control' section.
4. Clear the 'Allow Anonymous Access' check box and check 'Basic Authentication' or 'Windows NT Challenge and Response'.
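The same setting can be audited from a script instead of the Internet Service Manager GUI. The following PowerShell is an added example, not part of this record or of any Microsoft tool; it assumes the IIS metabase is reachable through the ADSI provider (IIS 5/6), that the site is W3SVC/1, and that the TSWeb virtual directory path and the AuthAnonymous/AuthBasic/AuthNTLM metabase properties are as named here.

```powershell
# Added example: audit (and optionally harden) anonymous access on the TSWeb page.
# Assumptions: IIS metabase via ADSI, site id 1, virtual directory name 'TSWeb'.
param(
    [string]$MetabasePath = "IIS://localhost/W3SVC/1/Root/TSWeb",
    [switch]$Fix   # without -Fix the script only reports
)

$tsweb = [ADSI]$MetabasePath

# Metabase booleans behind the 'Anonymous Access and Authentication Control' dialog
$anon  = [bool]$tsweb.AuthAnonymous   # 'Allow Anonymous Access'
$basic = [bool]$tsweb.AuthBasic       # 'Basic Authentication'
$ntlm  = [bool]$tsweb.AuthNTLM        # 'Windows NT Challenge and Response'

Write-Host "Path: $MetabasePath"
Write-Host "Anonymous=$anon Basic=$basic NTLM=$ntlm"

if ($anon) {
    Write-Warning "Anonymous access to the Terminal Service Web Connection page is enabled."
    if ($Fix) {
        # Mirror the GUI steps: clear anonymous, require NTLM (Basic is left unchanged).
        $tsweb.AuthAnonymous = $false
        $tsweb.AuthNTLM      = $true
        $tsweb.SetInfo()
        Write-Host "Anonymous access disabled; Windows NT Challenge/Response enabled."
    }
} elseif (-not ($basic -or $ntlm)) {
    Write-Warning "No authentication method is enabled; the page would be unreachable."
} else {
    Write-Host "OK: TSWeb requires authentication."
}
```

Run it without -Fix first to confirm the reported values match what the Internet Service Manager shows before applying the change.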
Related URL (CVE)
Related URL (SecurityFocus)
Related URL (ISS)