Microsoft Windows Remote Desktop Protocol (RDP) uses a weak algorithm for encrypting packets.
Microsoft describes RDP as follows.
RDP is based on, and is an extension of, the T.120 protocol family standards. It is a multichannel-capable protocol that allows for separate virtual channels for carrying device communication and presentation data from the server, as well as encrypted client mouse and keyboard data.
A remote attacker could apply cryptanalytic techniques to recover encrypted session traffic.
Apply a patch.
Ben Cohen & Pete Chown of Skygate Technology Ltd. discovered this vulnerability.
This document was written by Ian A Finlay.
|Date First Published:||2002-12-06|
|Date Last Updated:||2002-12-06 18:57 UTC|