The NTLMv1-2 challenge-response protocol provides absolutely no protection against credentials forwarding/relay or reflection attacks. This means that an active attacker (such as a man-the-middle) can redirect the login of the legitimate user to authenticate his own session.
|
||||||
Security flaws haunt NTLMv1-2 challenge-response protocolLeave a ReplyYou must be logged in to post a comment. |
||||||
|
Copyright © 2012 Spyware Security - All Rights Reserved |
||||||
