WPAD name collision bug opens door for MitM attackers (Help Net Security)

2016-05-24 15:01

A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to mount MitM attacks from anywhere on the Internet, US-CERT warns. “With the New gTLD program, previously undelegated gTLD strings are now being delegated for public domain name registration. These strings may be used by private or enterprise networks, and in certain circumstances, such as when a work computer … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/bfJT8nbPTGE/

#mitm #security