[29732] in bugtraq
Re: Microsoft Terminal Services vulnerable to MITM-attacks.
daemon@ATHENA.MIT.EDU (Carlos Branco)
Thu Apr 10 20:27:51 2003
Date: 10 Apr 2003 14:18:37 -0000
Message-ID: <20030410141837.15485.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Carlos Branco <cb@all-is-on.com>
To: bugtraq@securityfocus.com
In-Reply-To: <uod6k5g9fr.fsf@hostname.lkpg.cendio.se>
>This means RDP is vulnerable to Man In The Middle attacks (from here
>on referred to as MITM attacks).
Great piece of research by Erik Forsberg and his team. However, this
vulnerability does NOT affect Remote Desktop Web connection (aka TSAC),
when used with SSL. This is because the RDP web client would rely on the
Server-Side SSL cert to prove the authenticity of the server, making MTM
attacks "virtually" impossible.
Anyway, if you're deploying RDP and are worried about this exploit,
try running it over SSL. More information can be found at:
//www.microsoft.com/windows2000/server/evaluation/news/bulletins/tsac.asp
Carlos Branco, CISSP
