CVE-2005-1794

Name of the Vulnerable Software and Affected Versions Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2

Description The issue concerns the storage of an RSA private key in mstlsapi.dll, which is used to sign a certificate. This allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. The vulnerability in the mstlsapi.dll library of the Remote Desktop Services (RDS) in Windows operating systems is related to the unencrypted storage of critical information, enabling a remote attacker to perform a man-in-the-middle attack.

Recommendations For Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.