The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2007-05-10 21:20
Updated : 2018-10-16 09:44
NVD link : CVE-2007-2593
Mitre link : CVE-2007-2593
JSON object : View
CWE
Products Affected
microsoft
- windows_2003_server
- terminal_server