Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows加密RDP包远程信息泄露漏洞(MS02-051)
Vulnerability Description
RDP(远程桌面协议,Remote Desktop Protocol)是终端服务器和客户端之间的通信协议,它使得远程用户可以使用键盘和鼠标通过网络在应用程序之间进行通信。 Microsoft Windows终端服务在使用加密RDP通信时存在问题,远程攻击者可以利用这个漏洞通过截获网络通信判断会话过程中的事件行为。 当RDP使用加密通信的时候,RDP包开始使用RC4加密,然后把8字节的HMAC明文校验码存放在密文的前面,虽然RC4的加密KEY每4096个包的都刷新不同,但是HMAC的值在会话过程中没有改变,
CVSS Information
N/A
Vulnerability Type
N/A