Microsoft Windows Remote Desktop Protocol Server Key Verification Vulnerability

info
discussion
exploit
solution
references

Microsoft Windows Remote Desktop Protocol Server Key Verification Vulnerability

The Windows Remote Desktop Protocol (RDP) clients do not attempt to validate the public key of the server to which they are connecting. This makes a man in the middle attack possible.