Security Update for ISA Server 2006 Supportability Pack (KB 970811)

ID MS:71CAA710-01C0-4DEB-96A0-EBEEF2ED3290
Type msupdate
Reporter Microsoft
Modified 2009-07-14T17:00:00


When publishing a Web server using forms-based authentication with Radius one-time password (OTP ) as the credentials authority and Kerberos constrained delegation, it may be possible to bypass the form authentication and log on using invalid credentials.