Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-0077
HistoryApr 15, 2009 - 8:00 a.m.

CVE-2009-0077

2009-04-1508:00:00
[email protected]
web.nvd.nist.gov
3

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

0.948

Percentile

99.3%

JSON

The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka โ€œWeb Proxy TCP State Limited Denial of Service Vulnerability.โ€

Affected configurations

Nvd
Node
microsoftforefront_threat_management_gatewayMatch--medium_business
OR
microsoftinternet_security_and_acceleration_serverMatch2004sp3enterprise
OR
microsoftinternet_security_and_acceleration_serverMatch2004sp3standard
OR
microsoftinternet_security_and_acceleration_serverMatch2006sp1
OR
microsoftinternet_security_and_acceleration_serverMatch2006supportability
VendorProductVersionCPE
microsoftforefront_threat_management_gateway-cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2004cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2004cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2006cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2006cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*

Related

seebug 1
cvelist 1
checkpoint_advisories 2
prion 1
cve 1
securityvulns 2
nessus 1
openvas 2
seebug
seebug
Microsoft ISA Serverๅ’ŒForefront TMGๆ‹’็ปๆœๅŠกๆผๆดž๏ผˆMS09-016๏ผ‰
2009-04-16 00:00:00
cvelist
cvelist
CVE-2009-0077
2009-04-15 03:49:00
checkpoint_advisories
checkpoint_advisories
Microsoft Web Proxy TCP State Limited Denial of Service (MS09-016; CVE-2009-0077)
2012-07-23 00:00:00
Workaround for Microsoft ISA Server TCP State Limited Denial of Service Vulnerability (MS09-016)
2009-04-14 00:00:00
prion
prion
Denial of service
2009-04-15 08:00:00
cve
cve
CVE-2009-0077
2009-04-15 08:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-016 - Important Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
2009-04-15 00:00:00
Microsoft ISA Server / Forefront Threat Management Gateway DoS
2009-04-15 00:00:00
nessus
nessus
MS09-016: Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway Could Cause Denial of Service (961759)
2009-04-14 00:00:00
openvas
openvas
Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
2009-04-23 00:00:00
Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
2009-04-23 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

0.948

Percentile

99.3%

JSON
Related for NVD:CVE-2009-0077
seebug1cvelist1checkpoint_advisories2prion1cve1securityvulns2nessus1openvas2