Weak Encryption in RDP Protocol: Exposing Encrypted Sessions via Sniffing

Weak Encryption in RDP Protocol: Exposing Encrypted Sessions via Sniffing

CVE-2002-0863 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."

Learn more about our Web Application Penetration Testing UK.