What is Mutual Authentication?
Both the client and the server machines will exchange credentials to verify identities before data is exchanged. What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could impersonate a valid service. Who could exploit the vulnerability? An attacker would first need to persuade a user to connect to a resource which requires mutual authentication using Secure Sockets Layer (SSL). The attacker could then impersonate a valid RPC server. An attacker would have no way to force users to visit the RPC server. How could an attacker exploit the vulnerability? An attacker could try to exploit the vulnerability by persuading a user to connect to an RPC service which has been configured to impersonate a valid server. What systems are primarily at risk from the vulnerability? Workstations and servers are at risk from this vulnerability. Could the vulnerability be exploited over the Internet? Yes. An attacker could try to exploit this vulnerab
Related Questions
- Now that I have Remote Desktop Connection 6.0, how do I get past the authentication on the client, and authenticate with the logon keyboard on the server?
- How could I use NTLM Authentication to authenticate via Windows NT Authentication for a servlet based intranet-application ?
- What is Mutual Authentication?
