The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote malicious users to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft terminal server |