Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Re: Microsoft Terminal Services vulnerable to MITM-attacks.
Apr 10 2003 02:18PM
Carlos Branco (cb all-is-on com)
In-Reply-To: <uod6k5g9fr.fsf (at) hostname.lkpg.cendio (dot) se [email concealed]>
>This means RDP is vulnerable to Man In The Middle attacks (from here
>on referred to as MITM attacks).
Great piece of research by Erik Forsberg and his team. However, this
vulnerability does NOT affect Remote Desktop Web connection (aka TSAC),
when used with SSL. This is because the RDP web client would rely on the
Server-Side SSL cert to prove the authenticity of the server, making MTM
attacks "virtually" impossible.
Anyway, if you're deploying RDP and are worried about this exploit,
try running it over SSL. More information can be found at:
//www.microsoft.com/windows2000/server/evaluation/news/bulletins/tsac.as
p
Carlos Branco, CISSP
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
>This means RDP is vulnerable to Man In The Middle attacks (from here
>on referred to as MITM attacks).
Great piece of research by Erik Forsberg and his team. However, this
vulnerability does NOT affect Remote Desktop Web connection (aka TSAC),
when used with SSL. This is because the RDP web client would rely on the
Server-Side SSL cert to prove the authenticity of the server, making MTM
attacks "virtually" impossible.
Anyway, if you're deploying RDP and are worried about this exploit,
try running it over SSL. More information can be found at:
//www.microsoft.com/windows2000/server/evaluation/news/bulletins/tsac.as
p
Carlos Branco, CISSP
[ reply ]