1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WPAD name collision bug opens door for MitM attackers

Discussion in 'Help Net Security' started by RSS, May 24, 2016.

  1. RSS

    RSS New Member Member

    A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to mount MitM attacks from anywhere on the Internet, US-CERT warns. “With the New gTLD program, previously undelegated gTLD strings are now being delegated for public domain name registration. These strings may be used by private or enterprise networks, and in certain circumstances, such as when a work computer … More →

    Continue reading...

Share This Page