SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Windows Remote Desktop Services Remote Code Execution (EsteemAudit) 2

Category: OS-ATTACKS      

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0176


Relevant Information