Vulnerability Note VU#865833
Microsoft Windows Remote Desktop Protocol (RDP) uses weak algorithm for encrypting packets
Overview
Microsoft Windows Remote Desktop Protocol (RDP) uses a weak algorithm for encrypting packets.
Description
Microsoft describes RDP as follows. RDP is based on, and is an extension of, the T.120 protocol family standards. It is a multichannel-capable protocol that allows for separate virtual channels for carrying device communication and presentation data from the server, as well as encrypted client mouse and keyboard data.
Because encryption keys are negotiated on a per-session basis, a successful attack would allow an attacker to decrypt only a single session and not multiple sessions. Thus, the attacker would need to conduct a separate cryptanalytic attack against each session he or she wished to compromise. |
Impact
A remote attacker could apply cryptanalytic techniques to recover encrypted session traffic. |
Solution
Apply a patch. |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Microsoft Corporation | Affected | - | 06 Dec 2002 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-051.asp
- http://msdn.microsoft.com/library/en-us/termserv/termserv/using_terminal_services_virtual_channels.asp
- http://www.microsoft.com/windows2000/techinfo/howitworks/terminal/rdpfandp.asp
- http://link.springer.de/link/service/series/0558/bibs/2139/21390310.htm
- http://www.ietf.org/rfc/rfc2104.txt
Credit
Ben Cohen & Pete Chown of Skygate Technology Ltd. discovered this vulnerability.
This document was written by Ian A Finlay.
Other Information
- CVE IDs: CAN-2002-0863
- Date Public: 18 Sep 2002
- Date First Published: 06 Dec 2002
- Date Last Updated: 06 Dec 2002
- Severity Metric: 6.30
- Document Revision: 16
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.