CERTA-2005-AVI-304

Vulnerability from certfr_avis - Published: 2005-08-10 - Updated: 2005-08-10

A vulnerability in the Remote Desktop Protocol allows a denial of service.

Description

The RDP protocol (Remote Desktop Protocol) allows a user to establish a virtual graphical session to another machine.

A malicious user can, by means of a maliciously crafted RDP message, cause the vulnerable system to stop.

Temporary workaround

Filter port 3389/tcp at the firewall.

Solution

Apply the patch as indicated in Microsoft security bulletin MS05-041 (see Documentation).

Impacted products
Vendor | Product | Description
Microsoft | Windows | Microsoft Windows XP Professional x64 Edition
Microsoft | Windows | Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Microsoft | Windows | Microsoft Windows XP Service Pack 1 and Service Pack 2
Microsoft | Windows | Microsoft Windows Server 2003 x64 Edition
Microsoft | Windows | Microsoft Windows 2000 Server Service Pack 4
Microsoft | Windows | Microsoft Windows Server 2003 for Itanium-based systems and Microsoft Windows Server 2003 for Itanium-based systems Service Pack 1

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows XP Professional x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 et Microsoft Windows Server 2003 Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Server Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 pour syst\u00e8mes Itanium et Microsoft Windows Server 2003 pour syst\u00e8mes Itanium Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nLe protocole RDP (Remote Desktop Protocol) permet \u00e0 un utilisateur\nd\u0027\u00e9tablir une session virtuelle graphique vers une autre machine.\n\nUn utilisateur mal intentionn\u00e9 peut, par le biais d\u0027un message RDP\nmalicieusement constitu\u00e9, provoquer un arr\u00eat du syst\u00e8me vuln\u00e9rable.\n\n## Contournement provisoire\n\nFiltrer le port 3389/tcp au niveau du pare-feu.\n\n## Solution\n\nAppliquer le correctif tel qu\u0027indiqu\u00e9 dans le bulletin de s\u00e9curit\u00e9\nMicrosoft MS05-041 (voir Documentation).\n",
  "cves": [],
  "initial_release_date": "2005-08-10T00:00:00",
  "last_revision_date": "2005-08-10T00:00:00",
  "links": [],
  "reference": "CERTA-2005-AVI-304",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans Remote Desktop Protocol permet de r\u00e9aliser un\nd\u00e9ni de service.\n",
  "title": "Vuln\u00e9rabilit\u00e9 du protocole RDP de Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS05-041 du 09 ao\u00fbt 2005",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS05-041.mspx"
    }
  ]
}

