Re: Terminal Server vulnerabilities

["Daniel H. Renner" <dan () losangelescomputerhelp com>]

Original message:
> Date: Mon, 24 Jan 2005 15:52:55 -0800
> From: "Daniel Sichel" <daniels () Ponderosatel com>
> Subject: [Full-disclosure] Terminal Server vulnerabilities
> To: <full-disclosure () lists netsys com>
> Message-ID:
>       <190DFDD2F99A65469B4B15D3658C0D2BC5A495 () ptc6 ponderosatel com>
> Content-Type: text/plain;     charset="us-ascii"
>
> I am currently locked in a death struggle with Microsoft's server
> product group. They have dropped support for the IAS (RADIUS) mmc in
> server 2003 and the 2000 version won't work under XP SP2. Their solution
> is to user terminal server to control the server remotely to manage
> RADIUS. Naturally  I don't like this answer because of horror stories I
> have heard about Terminal server. They claim there are no unfixed
> vulnerabilities to Terminal Server on Windows Server 2000 Service Pack
> 4. 
>
> I find that hard to believe and I know you guys will know if they are
> full of it, or they are correct. Please let me know ASAP of any CURRENT
> vulnerabilities int Terminal Server.
>
> Dan Sichel
> Network Engineer
> Ponderosa Telephone
> daniels () ponderosatel com (559) 868-6367
>  
> P.S. the MMC is worse, it requires that port 139 or 445 be opened, but
> that is not the point, I suspect they are feeding me a line and I want
> to prove it. Thanks.

Dan,

Try here for starters:
http://www.google.com/search?q=%22windows+terminal+server%22+exploit&sourceid=mozilla&start=0&start=0&ie=utf-8&oe=utf-8
(2,310 results)

Then pick one and try it out...
-- 

Cheers,

Dan
Los Angeles Computerhelp
http://losangelescomputerhelp.com
818.352.8700



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html