Need Help - Security Scan : Window Server 2012 R2 vulnerabilities

1,138 views

Skip to first unread message

shirish kumar

unread,

May 12, 2017, 3:35:06 AM5/12/17

to null-...@googlegroups.com

Hi All,

We have application hosted on AWS and server configuration is Windows Server 2012 R2 with .Net Framework 4.6.1.

In the security scan we got below vulnerabilities. when i search online i am not getting specific fix for Windows Server 2012 R2. Could you please help me out in fixing below vulnerabilities.

1. 18405 - Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness

The remote version of the Remote Desktop Protocol Server (Terminal Service) is vulnerable to a man-in-the-middle (MiTM) attack. The RDP client makes no effort to validate the identity of the server when setting up encryption. An attacker with the ability to intercept traffic from the RDP server can establish encryption with the client and server without being detected. A MiTM attack of this nature would allow the attacker to obtain any sensitive information transmitted, including authentication credentials.

This flaw exists because the RDP server stores a hard-coded RSA private key in the mstlsapi.dll library. Any local user with access to this file (on any Windows system) can retrieve the key and use it for this attack.

2. 35291 - SSL Certificate Signed Using Weak Hashing Algorithm

Description:

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.

Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.

https://technet.microsoft.com/library/security/961509

3. Microsoft .NET Framework CVE-2013-3860 Remote Denial of Service Vulnerability

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4,

and 4.5 does not properly parse a DTD during XML

digital-signature validation, which allows remote attackers to cause a denial

of service (application crash or hang) via a crafted signed

XML document, aka "Entity Expansion Vulnerability."

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3860

Thanks & Regards,

Shirish Kumar

+919886616989

Reply all

Reply to author

Forward

0 new messages