Vulnerability
Remote Desktop
Affected
Win95/95/ME running Mcafee Remote Desktop 3.0 and below
Description
'altomo' found following. It is possible for remote attacker to
crash Remote Desktop session - in some cases crashing the remote
desktop agent.
Remote desktop agent listens on ports 5044 and 5045. 5044 is to
send data and 5045 is to receive data. After a session is
started a 3rd system can be used to send data to port 5045 of the
agent and crash the session. The agent will then not respond for
roughly a minute, and in some cases not respond until restarted.
To recreate this simply use netcat and send lots of data to port
5045 on the client system.
Solution
Don't use Remote Desktop on public infrastructure. Filter where
ever possible.
Credits
-- UnKnown --
|