Terminal Services Web Detection

info Nessus Plugin ID 12234

Synopsis

Terminal Services Client ActiveX is available.

Description

The remote host appears to be configured to facilitate the client download of an ActiveX Terminal Services Client. So, users can access the web page and click a 'connect' button which will prompt a client-side download of a .cab file which will be used to connect the client directly to a terminal services server using Remote Desktop Protocol -- RDP. Of course, you will want to manually inspect this page for possible information regarding systems offering RDP access, system information, IP addressing information, etc.

Solution

Password protect access to the 'tsweb' resource.

Plugin Details

Severity: Info

ID: 12234

File Name: tsweb_detect.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 5/7/2004

Updated: 11/22/2019

Asset Inventory: true

Supported Sensors: Nessus

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning