Reported November 19, 2001, by
Xato Network Security.
VERSIONS AFFECTED
Microsoft
Windows XP
Microsoft
Windows 2000
DESCRIPTION
VENDOR RESPONSE
The
vendor, Microsoft, has acknowledged this
vulnerability and will issue a fix as part of Windows 2000 Service Pack 3.
CREDIT
A
vulnerability exists in Microsoft Windows Terminal Services that might let a
hacker cause both the Terminal Services Manager and the Windows Event Log to
record a spoofed IP address for Terminal Services connections. This
vulnerability stems from Windows Terminal Services use of the connecting
client’s internal IP address. By using Network Address Translation (NAT), an
attacker can fool Windows Terminal Services into thinking that the client is
connecting from a different IP address.
Discovered by Sozni
of Xato Network Security.
IP Address Spoofing Vulnerability in Microsoft Windows Terminal Services
1 comment
Hide comments