102 matches found
Microsoft RDSH Spoofing Vulnerability
Microsoft Remote Desktop Session Host RDSH is a remote desktop session host released by Microsoft USA. A spoofing vulnerability exists in Microsoft Remote Desktop Session Host RDSH, which can be exploited by an attacker to simulate a client session...
Microsoft Remote Desktop Session Host CVE-2015-2472 Spoofing Vulnerability
Description Microsoft Remote Desktop Session Host is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. Attackers can exploit this issue to spoof and impersonate a legitimate user. Other attacks are also possible. Technologies Affected Microsoft SQL Server 200...
Microsoft Remote Desktop Protocol DLL Loading CVE-2015-2473 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
MS12-020 Microsoft Remote Desktop Checker
This module checks a range of hosts for the MS12-020 vulnerability. This does not cause a DoS on the target. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop...
Microsoft Remote Desktop Protocol CVE-2012-2526 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected process. This may facilitate a complete system compromise. Failed attacks may cause denial-of-servi...
Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2685939)
This host is missing a critical security update according to Microsoft Bulletin MS12-036. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Pakyu Cenloder Microsoft Remote Desktop Denial Of Service
Exploit Title: Pakyu Cenloder Date: March 16 2012 Author: BMario Application Link: Microsoft Terminal Services / Remote Desktop Services http://msdn.microsoft.com/en-us/library/aa383015v=vs.85.aspx Version: any Windows version before 13 Mar 2012 Platforms: Windows Bug: use after free Exploitation...
Pakyu Cenloder Microsoft Remote Desktop Denial Of Service
Exploit for windows platform in category dos / poc Exploit Title: Pakyu Cenloder Date: March 16 2012 Author: BMario Application Link: Microsoft Terminal Services / Remote Desktop Services http://msdn.microsoft.com/en-us/library/aa383015v=vs.85.aspx Version: any Windows version before 13 Mar 2012...
Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222)
This host is missing a critical security update according to Microsoft Bulletin MS11-065. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Remote Desktop Protocol CVE-2011-1968 Denial of Service Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to shut down or restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 5.0 Avaya...
Microsoft Remote Desktop Connection Insecure Library Injection
Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...
Microsoft Remote Desktop Connection Insecure Library Injection
Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...
Design/Logic Flaw
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...
CVE-2011-0029
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...
CVE-2011-0029
The CVE-2011-0029 issue affects the Microsoft Remote Desktop Connection client (versions 5.2, 6.0, 6.1, 7.0). It is a local privilege-escalation vulnerability caused by an untrusted search path: a Trojan DLL loaded from the current working directory when a directory contains a .rdp file. Impact i...
CVE-2011-0029
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...
Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
This host is missing a critical security update according to Microsoft Bulletin MS11-017. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Remote Desktop Connection Client DLL Loading Arbitrary Code Execution Vulnerability
Description Microsoft Remote Desktop Connection client is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially...
Heap overflow
Heap-based buffer overflow in Microsoft Remote Desktop Connection formerly Terminal Services Client running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connectio...
Security Best Practice: Protect Yourself from MS-RPC and DCE-RPC Vulnerabilities
DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...