mDNS Poisoning Possible
The Multicast Domain Name System (mDNS) protocol enables devices on a local network to identify other hosts on the network in a decentralized manner. An attacker can spoof a reply as an authoritative source to a victim request and capture the credential information passed over the network. Credential information may be captured in hashed or plaintext format.
A captured hash credential can be cracked offline to discover the plaintext password for reuse on other systems or the hash can be relayed and used to access other systems as well. Likewise, a captured plaintext credential can be immediately used to access other systems.