Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Windows NTLM relaying attacks
updated since 14.09.2000
Published:24.04.2003
Source:BUGTRAQ
SecurityVulns ID:542
Type:client
Level:7/10
Description:Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request.
Affected:MICROSOFT : Windows NT 4.0 Workstation
 MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Advanced Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows 98
 MICROSOFT : Windows 95
 MICROSOFT : Windows ME
 MICROSOFT : Windows XP
Original documentdocument3APA3A, Outlook Express and SPA (Secure Password Authentication) (20.10.2001)
 documentseclab_(at)_ce.aut.ac.ir, Authentication flaw in microsoft SMB protocol (24.04.2003)
 documentL0PHT, @stake Advisory: NTLM Replaying via Windows 2000 Telnet Client (A 091400-1) (15.09.2000)
 documentMICROSOFT, Security Bulletin (MS00-067) (15.09.2000)
 documentmonti, Win2k Telnet.exe malicious server vulnerability (14.09.2000)
 documentmonti, Win2k Telnet.exe malicious server vulnerability (14.09.2000)
Files:Server for Win2K telnet NTLM response interseption
 Prehashed NTLM challenge.
 NTLM Rogue Telnet Server (@Stake)
 Exploit for "Authentication flaw in Windows SMB protocol"
 Patch Win2K telnet NTLM Authentication
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server