Published: 13/03/2012 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 952

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Subscribe to Windows Server 2008

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote malicious users to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2008
microsoft windows server 2008 r2
microsoft windows server 2008 -
microsoft windows xp -
microsoft windows xp
microsoft windows 7
microsoft windows server 2003
microsoft windows vista

####################################################################### Luigi Auriemma Application: Microsoft Terminal Services / Remote Desktop Services wwwmicrosoftcom msdnmicrosoftcom/en-us/library/aa383015(v=vs85)aspx Versions: any Windows version before 13 Mar ...

Checks if a machine is vulnerable to MS12-020 RDP vulnerability.

nmap -sV --script=rdp-vuln-ms12-020 -p 3389 <target>

PORT     STATE SERVICE        VERSION
3389/tcp open  ms-wbt-server?
| rdp-vuln-ms12-020:
|   VULNERABLE:
|   MS12-020 Remote Desktop Protocol Denial Of Service Vulnerability
|     State: VULNERABLE
|     IDs:  CVE:CVE-2012-0152
|     Risk factor: Medium  CVSSv2: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P)
|     Description:
|               Remote Desktop Protocol vulnerability that could allow remote attackers to cause a denial of service.
|
|     Disclosure date: 2012-03-13
|     References:
|       http://technet.microsoft.com/en-us/security/bulletin/ms12-020
|       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0152
|
|   MS12-020 Remote Desktop Protocol Remote Code Execution Vulnerability
|     State: VULNERABLE
|     IDs:  CVE:CVE-2012-0002
|     Risk factor: High  CVSSv2: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
|     Description:
|               Remote Desktop Protocol vulnerability that could allow remote attackers to execute arbitrary code on the targeted system.
|
|     Disclosure date: 2012-03-13
|     References:
|       http://technet.microsoft.com/en-us/security/bulletin/ms12-020
|_      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0002

THM-Blue 3/1/2022 | Yash Mhaskar Nmap 791 scan initiated Sun Feb 27 16:45:34 2022 as: nmap -A -T4 -sV --script vuln -oN nmaptxt 1010188114 Nmap scan report for 1010188114 Host is up (018s latency) Not shown: 991 closed ports PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-s

Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (MS12-020) e obtendo RCE (sem Metasploit)

Esteemaudit (without Metasploit) - A Windows 2003 RDP Zero Day Exploit Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (sem Metasploit) e obtendo RCE REPOSITÓRIO CRIADO PARA FINS DIDÁTICOS! Esta é uma portabilidade do Esteemaudit RDP Exploit vazado do Equationgroup (NSA) A vulnerabilidade explorada por este ataque está re

This repo contain walkthrough of buffer overflow room on tryhackme. In this walkthrough we are going to cover every details about how to exploit stack buffer overflow vulnerability.

Gatekeeper Walkthrough Nmap Let's first scan machine ip with nmap, we are going to divide nmap scan in two section initial scan and final scan In Initial scan we are going to cover nmap fast scan of ports and other things In Final scan we are going to cover nmap full port scan with vuln script Nmap Initial Scan command=> sudo nmap -F -sV 101018296 -oN nmap-i

CVE -2012-0152

MS12-020 CVE -2012-0152 Windows Remote Desktop Protocol Bugs Let Remote Users Deny Service and Execute Arbitrary Code SecurityTracker Alert ID: 1026790 SecurityTracker URL: securitytrackercom/id/1026790 CVE Reference: CVE-2012-0002, CVE-2012-0152 (Links to External Site) Updated: Jun 13 2012 Original Entry Date: Mar 13 2012 Impact: Denial of service via networ

Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (MS12-020) e obtendo RCE (sem Metasploit)

Esteemaudit (without Metasploit) - A Windows 2003 RDP Zero Day Exploit Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (sem Metasploit) e obtendo RCE REPOSITÓRIO CRIADO PARA FINS DIDÁTICOS! Esta é uma portabilidade do Esteemaudit RDP Exploit vazado do Equationgroup (NSA) A vulnerabilidade explorada por este ataque está re

Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (MS12-020) e obtendo RCE (sem Metasploit)

Esteemaudit (without Metasploit) - A Windows 2003 RDP Zero Day Exploit Explorando Remote Desktop do Windows Server 2003 com o exploit Esteemaudit (sem Metasploit) e obtendo RCE REPOSITÓRIO CRIADO PARA FINS DIDÁTICOS! Esta é uma portabilidade do Esteemaudit RDP Exploit vazado do Equationgroup (NSA) A vulnerabilidade explorada por este ataque está re

Update to this Month’s Patch Tuesday Post on MS12-020/CVE-2012-0002

Securelist • Kurt Baumgartner • 16 Mar 2012

The twitter infosec sphere last night and the blogosphere this morning is in a bit of a frenzy about the public leak of a DoS PoC targeting CVE-2012-0002, the RDP pre-auth remote. This vulnerability was highlighted at our previous Securelist post on this month’s patch Tuesday “Patch Tuesday March 2012 – Remote Desktop Pre-Auth Ring0 Use-After-Free RCE!“. First off, patch now. Now. If you can’t, use the mitigation tool that Microsoft is offering – the tradeoff between requiring networ...

CVE-2012-0002

Vulnerability Summary

Vulnerability Trend

Exploits

Nmap Scripts

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect