Bugtraq mailing list archives
Microsoft Windows Terminal Services vulnerabilities
From: Ben Cohen <bc () skygate co uk>
Date: Wed, 18 Sep 2002 12:39:03 +0100 (BST)
I have just installed Windows XP Pro SP1 and found that the two vulnerabilities announced earlier in the week have been addressed. "Microsoft Windows XP Remote Desktop denial of service" is fixed. "Microsoft Windows Remote Desktop Protocol checksum and keystroke" is partially fixed: Microsoft have altered the protocol to revert to the RDP 4.0 style input packet. This is a hack rather than a good solution because it doesn't fix the checksum leakage problem, and it increases bandwidth again. Unfortunately, the proper solution would require the encryption layer of the protocol to be redesigned. Ben Cohen Software Developer Skygate Technology Ltd.
Current thread:
- Microsoft Windows Terminal Services vulnerabilities Ben Cohen (Sep 18)
- Re: Microsoft Windows Terminal Services vulnerabilities Ben Cohen (Sep 20)