[jcifs] Replay attacks
Marcel.Schoen at united-security-providers.ch
Fri May 11 08:36:37 GMT 2007
I have implemented jcifs in one of our web applications and I am using it for authenticating clients by NTLM challenge/response. So far so good till I figured out that a client is receiving several times the same challenge. Couldn't that be used for a straight replay attack?
Probably I have just missconfigured JCIFS. Is there a configuration property I should consider?
More information about the jcifs