5 - KB904797

Executive Summary

Summary
Title	Vulnerability in Remote Desktop Protocol (RDP) Could Lead to Denial of Service

Informations
Name	KB904797	First vendor Publication	2005-07-16
Vendor	Microsoft	Last vendor Modification	2005-08-09
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft has completed the investigation into a public report of a vulnerability. We have issued a security bulletin to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin.

Original Source

Url : http://www.microsoft.com/technet/security/advisory/904797.mspx

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:100092

Oval ID:	oval:org.mitre.oval:def:100092
Title:	Windows XP,SP1 (64-bit) RDP DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	5
Platform(s):	Microsoft Windows XP	Product(s):
Definition Synopsis:
Windows XP is installed AND Win2K/XP/2003/Vista service pack 1 is installed AND a version of Windows for the ia64 architecture is installed AND the version of rdpwd.sys is less than 5.2.3790.2465

Definition Id: oval:org.mitre.oval:def:180

Oval ID:	oval:org.mitre.oval:def:180
Title:	Windows 2000,SP4 Remote Desktop Protocol (RDP) DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):
Definition Synopsis:
Windows 2000 Service Pack 4 (or later) is installed Windows 2000 is installed AND SP4 or later Installed AND the version of rdpwd.sys is less than 5.0.2195.7055

Definition Id: oval:org.mitre.oval:def:346

Oval ID:	oval:org.mitre.oval:def:346
Title:	Windows Server 2003,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	5
Platform(s):	Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
Windows Server 2003 is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of rdpwd.sys is less than 5.2.3790.2465

Definition Id: oval:org.mitre.oval:def:376

Oval ID:	oval:org.mitre.oval:def:376
Title:	Windows XP,SP2 Remote Desktop Protocol (RDP) DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	7
Platform(s):	Microsoft Windows XP	Product(s):
Definition Synopsis:
Windows XP is installed AND Win2K/XP/2003/Vista/2008 service pack 2 is installed AND the version of rdpwd.sys is less than 5.1.2600.2695

Definition Id: oval:org.mitre.oval:def:609

Oval ID:	oval:org.mitre.oval:def:609
Title:	Windows Server 2003 Remote Desktop Protocol (RDP) DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	6
Platform(s):	Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
Windows Server 2003 is installed AND NOT Win2K/XP/2003 is patched AND the version of rdpwd.sys is less than 5.2.3790.348

Definition Id: oval:org.mitre.oval:def:618

Oval ID:	oval:org.mitre.oval:def:618
Title:	Windows XP,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Description:	The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1218	Version:	5
Platform(s):	Microsoft Windows XP	Product(s):
Definition Synopsis:
Windows XP is installed AND Win2K/XP/2003 service pack 1 is installed AND NOT 64-Bit (ia64 architecture) version of Windows is installed AND the version of rdpwd.sys is less than 5.1.2600.1698

CPE : Common Platform Enumeration

Type	Description	Count
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000:::::::: cpe:2.3:o:microsoft:windows_2000::sp4::::::* cpe:2.3:o:microsoft:windows_2000::sp3::::::* cpe:2.3:o:microsoft:windows_2000::sp2::::::* cpe:2.3:o:microsoft:windows_2000::sp1::::::*	5
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server:web:sp1:::::: cpe:2.3:o:microsoft:windows_2003_server:web:::::::* cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:::::::* cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:::::: cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:::::: cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::* cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:::::: cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:::::: cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1::::::	13
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp:::64-bit:::::* cpe:2.3:o:microsoft:windows_xp::gold:professional::::: cpe:2.3:o:microsoft:windows_xp::sp2:home::::: cpe:2.3:o:microsoft:windows_xp::sp1:64-bit::::: cpe:2.3:o:microsoft:windows_xp:::home:::::* cpe:2.3:o:microsoft:windows_xp::sp1:home:::::	6

Open Source Vulnerability Database (OSVDB)

Id	Description
18624	Microsoft Windows Remote Desktop Protocol (RDP) Crafted Packet Remote DoS Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted RDP packet is sent by an attacker, which causes a memory fault within the rdpwd.sys driver file, and will result in loss of availability for the platform.

Snort® IPS/IDS

Date	Description
2014-01-10	remote desktop protocol attempted administrator connection request RuleID : 4060 - Revision : 9 - Type : APP-DETECT
2014-01-10	Microsoft Windows remote desktop oversized cookie attempt RuleID : 21089 - Revision : 4 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows remote desktop denial of service attempt RuleID : 21088 - Revision : 4 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date	Description
2005-08-09	Name : It is possible to crash the remote desktop service. File : smb_nt_ms05-041.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
Oval ID(s)	6
CPE ID(s)	24
osvdb(s)	1
Snort® Rule(s)	3
Nessus® Exploit(s)	1

	Related
5	CVE-2005-1218
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

5 - KB904797

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU