BugTraq
Microsoft Terminal Services vulnerable to MITM-attacks. Apr 01 2003 10:05PM
Erik Forsberg forsberg+btq@cendio.se (forsberg+btq cendio se) (1 replies)
RE: Microsoft Terminal Services vulnerable to MITM-attacks. Apr 03 2003 12:09AM
Larry Seltzer (larry larryseltzer com) (2 replies)
RE: Microsoft Terminal Services vulnerable to MITM-attacks. Apr 03 2003 10:39PM
Devin Heitmueller (dheitmueller netilla com) (1 replies)
The ICA Protocol is also vulnerable. They use Diffe-Hellman for key
agreement. But there is no PKI in the protocol to verify the identity
of the server.

It's harder (because less of ICA has been reversed engineered), but it
is possible.

On Wed, 2003-04-02 at 19:09, Larry Seltzer wrote:
> >>RDP is vulnerable to Man In The Middle attacks (from here on referred to as MITM
> attacks). The attack works as follows:
>
> Do you know if ICA (Citrix products) is also vulnerable?
>
> LJS
--
Devin Heitmueller
Senior Software Engineer
Netilla Networks Inc

[ reply ]
Re: Microsoft Terminal Services vulnerable to MITM-attacks. Apr 04 2003 05:32AM
Henrik Storner (henrik-bb hswn dk)
Re: Microsoft Terminal Services vulnerable to MITM-attacks. Apr 03 2003 02:49PM
Erik Forsberg (forsberg cendio se)


 

Privacy Statement
Copyright 2010, SecurityFocus