Re: Microsoft Terminal Services vulnerable to MITM-attacks.

From: Henrik Storner (henrik-bbat_private)
Date: Thu Apr 03 2003 - 21:32:39 PST

Next message: Steven M. Christey: "An Alternate View of Recently Reported PHP Vulnerabilities"

Previous message: Javi Lavandeira: "Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function"
Next in thread: Carlos Branco: "Re: Microsoft Terminal Services vulnerable to MITM-attacks."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In <1049409543.15153.6.camelat_private> Devin Heitmueller
<dheitmuellerat_private> writes:

>On Wed, 2003-04-02 at 19:09, Larry Seltzer wrote:
>> >>RDP is vulnerable to Man In The Middle attacks
>> 
>> Do you know if ICA (Citrix products) is also vulnerable?
>
>The ICA Protocol is also vulnerable.  They use Diffe-Hellman for key
>agreement.  But there is no PKI in the protocol to verify the identity
>of the server.

AFAIK, Citrix' recommendation if you want to guard against this
type of attack is to use their Citrix Secure Gateway software,
which tunnels the ICA protocol data inside an SSL connection.
This uses the normal SSL certificate handshake to verify the
identity of the server.

Henrik Storner

Next message: Steven M. Christey: "An Alternate View of Recently Reported PHP Vulnerabilities"
Previous message: Javi Lavandeira: "Re: @(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function"
Next in thread: Carlos Branco: "Re: Microsoft Terminal Services vulnerable to MITM-attacks."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 04 2003 - 12:06:57 PST