CVE-2007-2593 - Vulnerability Details - OpenCVE

The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.04516.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Terminal Server Windows 2003 Server

Configuration 1 [-]

AND

cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2007-2586	The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://osvdb.org/36146
http://www.securityfocus.com/archive/1/468049/100/0/threaded
http://www.securityfocus.com/archive/1/468057/100/0/threaded
http://www.securityfocus.com/archive/1/468203/100/0/threaded
http://www.securityfocus.com/bid/23899

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-11T03:55:00

Updated: 2024-08-07T13:42:33.553Z

Reserved: 2007-05-10T00:00:00

Link: CVE-2007-2593

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-05-11T04:20:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2593

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-09T00:00:00", "descriptions": [{"lang": "en", "value": "The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070509 RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/468049/100/0/threaded"}, {"name": "20070509 RE: RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/468057/100/0/threaded"}, {"name": "20070510 RE: RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/468203/100/0/threaded"}, {"name": "36146", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36146"}, {"name": "23899", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23899"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2593", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070509 RDP TLS downgrade", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468049/100/0/threaded"}, {"name": "20070509 RE: RDP TLS downgrade", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468057/100/0/threaded"}, {"name": "20070510 RE: RDP TLS downgrade", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468203/100/0/threaded"}, {"name": "36146", "refsource": "OSVDB", "url": "http://osvdb.org/36146"}, {"name": "23899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23899"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:33.553Z"}, "title": "CVE Program Container", "references": [{"name": "20070509 RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/468049/100/0/threaded"}, {"name": "20070509 RE: RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/468057/100/0/threaded"}, {"name": "20070510 RE: RDP TLS downgrade", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/468203/100/0/threaded"}, {"name": "36146", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36146"}, {"name": "23899", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23899"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2593", "datePublished": "2007-05-11T03:55:00", "dateReserved": "2007-05-10T00:00:00", "dateUpdated": "2024-08-07T13:42:33.553Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "40242161-D5AD-4314-AB95-E61292C49DF2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006."}, {"lang": "es", "value": "El Terminal Server del Microsoft Windows 2003 Server, cuando utiliza TLS, permite a atacantes remotos evitar el SSL y los requisitos del certificado \u201cself-signed\u201d (firmado por el creador), lo que degrada la seguridad en el servidor y, posiblemente, permite llevar a cabo ataques de \"hombre en medio\" (man-in-the-middle) mediante vectores sin especificar, como lo demostrado usando el cliente Remote Desktop Protocol (RDP) 6.0. NOTA: terceras partes establecen que el fabricante puede haber arreglado esta vulnerabilidad sobre el 2006."}], "id": "CVE-2007-2593", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-11T04:20:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/36146"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/468049/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/468057/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/468203/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23899"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36146"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468049/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468057/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468203/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23899"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}