Bugtraq mailing list archives
RE: Microsoft Terminal Services vulnerable to MITM-attacks.
From: Devin Heitmueller <dheitmueller () netilla com>
Date: 03 Apr 2003 17:39:03 -0500
The ICA Protocol is also vulnerable. They use Diffe-Hellman for key agreement. But there is no PKI in the protocol to verify the identity of the server. It's harder (because less of ICA has been reversed engineered), but it is possible. On Wed, 2003-04-02 at 19:09, Larry Seltzer wrote:
RDP is vulnerable to Man In The Middle attacks (from here on referred to as MITMattacks). The attack works as follows: Do you know if ICA (Citrix products) is also vulnerable? LJS
-- Devin Heitmueller Senior Software Engineer Netilla Networks Inc
Current thread:
- Microsoft Terminal Services vulnerable to MITM-attacks. Erik Forsberg (Apr 02)
- RE: Microsoft Terminal Services vulnerable to MITM-attacks. Larry Seltzer (Apr 03)
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. Erik Forsberg (Apr 03)
- RE: Microsoft Terminal Services vulnerable to MITM-attacks. Devin Heitmueller (Apr 03)
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. Henrik Storner (Apr 04)
- <Possible follow-ups>
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. Carlos Branco (Apr 10)
- RE: Microsoft Terminal Services vulnerable to MITM-attacks. Larry Seltzer (Apr 03)