[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Microsoft Terminal Services vulnerable to MITM-attacks.

If someone 0wns your pipe between you and the Terminal Server(s) then
you got bigger problems then the existing MITM attack. Whether the
attack sets it up via ARP spoofing, or other trickery. 

If you are really worried about this, encrypt your communications via


Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization

-----Original Message-----
From: Ansgar Wiechers [mailto:bugtraq@xxxxxxxxxxxxxxxx] 
Sent: Wednesday, February 09, 2011 7:46 AM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Microsoft Terminal Services vulnerable to MITM-attacks.

On 2011-02-08 sam.vaughey@xxxxxxxxx wrote:
> Does this issue still exist ? 

Depends on the configuration. Unless configured to require network level
authentication, RDP is still prone to MitM attacks AFAIK.

Ansgar Wiechers
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq