| VID |
27078 |
| Severity |
30 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
There is vulnerability that ID and password are exposed when you authenticate by password way because telnet service transmits and receives data by plaintext. So You should use only NTLM authentication which does not transfer password on network.
¡Ø Telnet service of Windows server provides NTLM and password authentication.
- NTLM authentication: No transfer password, using negotiate/challenge/response process for authentication.
- Password authentication: using ID/PWD in manager and TelnetClients group for authentication.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
1. Start> Run> cmd> tlntadmn config> Check Authentication Mechanism : NTLM
2. tlntadmn config sec = +NTLM-passwd (Use NTLM only except passwd authentication)
3. Remove unnecessary
Start> Run> SERVICES.MSC> Telnet> Properties> General tab> Set "Startup Type" to "Disabled" |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
