CVE-2002-0863

Published: Oct 11, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."

Affected (22)

Products: Microsoft: .net Windows Server, Windows 2000, Windows 2000 Terminal Services, Windows Nt, Windows Xp

Microsoft

5 products

.net Windows Server

Windows 2000

Windows 2000 Terminal Services

Windows Nt

Windows Xp

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft .net Windows Server	Version beta3

Configuration B

21 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000 Terminal Services	All versions
Microsoft Windows 2000 Terminal Services	All versions
Microsoft Windows 2000 Terminal Services	All versions
Microsoft Windows 2000 Terminal Services	All versions
Microsoft Windows Nt	Version 4.0
Microsoft Windows Nt	Version 4.0 sp1
Microsoft Windows Nt	Version 4.0 sp2
Microsoft Windows Nt	Version 4.0 sp3
Microsoft Windows Nt	Version 4.0 sp4
Microsoft Windows Nt	Version 4.0 sp5
Microsoft Windows Nt	Version 4.0 sp6
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions