Security Update for ISA Server 2006 RTM (KB 970811)

ID MS:4E234A11-B1F7-4BDB-B5F0-FD20C4D46C8A
Type msupdate
Reporter Microsoft
Modified 2009-07-14T17:00:00


When publishing a Web server using forms-based authentication with Radius one-time password (OTP ) as the credentials authority and Kerberos constrained delegation, it may be possible to bypass the form authentication and log on using invalid credentials.