Korean

<< Back VID 26035 Severity 30 Port 139,445 Protocol TCP Class SMB Detailed Description The hotfix (Q324380) for the "Cryptographic Flaw in RDP Protocol" and "Denial of Service in Remote Desktop service" is not applied. These vulnerabilities each can lead to Information Disclosure and Denial of Service. 1. Cryptographic Flaw in RDP Protocol Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing. 2. Denial of Service in Remote Desktop The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command. * Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://www.microsoft.com/technet/security/bulletin/ms02-051.asp * Platforms Affected: Microsoft Windows 2000 Microsoft Windows XP Recommendation Apply the appropriate patch (Q324380) for these vulnerabilities, as listed in Microsoft Security Bulletin MS02-051, http://www.microsoft.com/technet/security/bulletin/ms02-051.asp o Windows 2000: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41326 o Windows XP: http://www.microsoft.com/Downloads/Release.asp?ReleaseID= 41288 o Windows XP 64 bit Edition: http://www.microsoft.com/Downloads/Release.asp?ReleaseID= 41314 * Installation platforms: The patch for Windows 2000 can be installed on systems running Windows 2000 Service Pack 2 or Windows 2000 Service Pack 3. The patch for Windows XP can be installed on systems running Windows XP Gold. Related URL CVE-2002-0863,CVE-2002-0864 (CVE) Related URL (SecurityFocus) Related URL (ISS)