CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticiones especialmente diseñadas, conocida como 'Remote Desktop Services Remote Code Execution Vulnerability'. The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. With a controllable data/size remote nonpaged pool spray, an indirect call gadget of the freed channel is used to achieve arbitrary code execution. Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. • https://www.exploit-db.com/exploits/47120 https://www.exploit-db.com/exploits/46946 https://www.exploit-db.com/exploits/47416 https://www.exploit-db.com/exploits/47683 https://github.com/k8gege/CVE-2019-0708 https://github.com/n1xbyte/CVE-2019-0708 https://github.com/victor0013/CVE-2019-0708 https://github.com/cbwang505/CVE-2019-0708-EXP-Windows https://github.com/Leoid/CVE-2019-0708 https://github.com/p0p0p0/CVE-2019-0708-exploit https://github.com/worawit • CWE-416: Use After Free •