Vulnerabilities > CVE-2011-1968 - Resource Management Errors vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS11-065 |
bulletin_url | |
date | 2011-08-09T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 2570222 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Remote Desktop Protocol Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-065.NASL |
description | A denial of service vulnerability exists in the implementation of the Remote Desktop Protocol (RDP) on the remote Windows host due to the way it accesses an object in memory that has been improperly initialized or has been deleted. If RDP has been enabled on the affected system, an unauthenticated, remote attacker could leverage this vulnerability to cause the system to stop responding and automatically reboot by sending a sequence of specially crafted RDP packets to it. Note that the Remote Desktop Protocol is not enabled by default. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 55795 |
published | 2011-08-09 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/55795 |
title | MS11-065: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222) |
code |
|
Oval
accepted | 2011-09-26T04:00:14.153-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||
description | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability." | ||||||||||||||||||||
family | windows | ||||||||||||||||||||
id | oval:org.mitre.oval:def:12806 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2011-08-09T13:00:00 | ||||||||||||||||||||
title | Remote Desktop Protocol Vulnerability | ||||||||||||||||||||
version | 42 |
Seebug
bulletinFamily | exploit |
description | Bugtraq ID: 48995 CVE ID:CVE-2011-1968 Microsoft Windows是一款流行的操作系统。 当处理特制的RDP报文时,远程桌面服务存在安全漏洞,攻击者发送特制的RDP报文序列可使系统重新启动。 要成功利用漏洞需要远程桌面管理启用(默认不启用) Microsoft Windows XP Service Pack 3 0 Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional SP3 Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Home SP3 Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP 64-bit Edition SP1 Microsoft Windows XP 64-bit Edition Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 x64 SP1 Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows Server 2003 Itanium SP1 Microsoft Windows Server 2003 Itanium 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://www.microsoft.com/technet/security/Bulletin/MS11-065.mspx |
id | SSV:20832 |
last seen | 2017-11-19 |
modified | 2011-08-10 |
published | 2011-08-10 |
reporter | Root |
title | Microsoft Windows 远程桌面协议CVE-2011-1968拒绝服务漏洞 |