• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Encrypted RDP Packet Information Leakage Vulnerability

Microsoft Windows Terminal Services encrypted Remote Desktop Protocol (RDP)
is prone to a weakness which has the potential to leak information to attackers with the ability to intercept network traffic.

It is possible to enable encryption for RDP. Packet checksums are prepended to each encrypted packet, but use a static key for the entire session. As a result, packets with identical contents will have the same checksum. If the same packet is sent repeatedly, this has the potential to leak potentially useful information to attackers who can intercept the traffic. An attacker may be able to deduce certain things about the nature of the traffic, such as when certain events occur during the session.

Any plug-ins which use Microsoft's Terminal Services Virtual Channels are also affected by this vulnerability.