ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)

ISA Server 2000 and Proxy Server 2.0 Spoofing Vulnerabilit

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2004-0892	16 Nov 200405:00	–	cve
Cvelist	CVE-2004-0892	16 Nov 200405:00	–	cvelist
NVD	CVE-2004-0892	27 Jan 200505:00	–	nvd
OpenVAS	ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)	3 Nov 200500:00	–	openvas
securityvulns	Microsoft Security Bulletin MS04-039	10 Nov 200400:00	–	securityvulns
Tenable Nessus	MS04-039: ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)	13 Nov 200400:00	–	nessus

# OpenVAS Vulnerability Test
# $Id: smb_nt_ms04-039.nasl 6046 2017-04-28 09:02:54Z teissa $
# Description: ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)
#
# Authors:
# Noam Rathaus <[email protected]>
#
# Copyright:
# Copyright (C) 2004 Jeff Adams
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

tag_summary = "The ISA Server 2000 and Proxy Server 2.0 have been found to be vulnerable to
a spoofing vulnerability that could enable an attacker to spoof trusted Internet 
content. Users could believe they are accessing trusted Internet content when 
in reality they are accessing malicious Internet content, for example a 
malicious Web site. However, an attacker would first have to persuade a user to 
visit the attacker's to attempt to exploit this vulnerability.

See http://www.microsoft.com/technet/security/bulletin/ms04-039.mspx";

if(description)
{
 script_id(15714);
 script_version("$Revision: 6046 $");
 script_tag(name:"last_modification", value:"$Date: 2017-04-28 11:02:54 +0200 (Fri, 28 Apr 2017) $");
 script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
 script_tag(name:"cvss_base", value:"7.5");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cve_id("CVE-2004-0892");
 
 name = "ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)";
 
 script_name(name);
 

 summary = "Checks for hotfix Q888258";

 
 script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"registry");
 
 script_copyright("This script is Copyright (C) 2004 Jeff Adams");
 family = "Windows : Microsoft Bulletins";
 script_family(family);
 script_dependencies("secpod_reg_enum.nasl");
 script_require_keys("SMB/registry_full_access");
 script_mandatory_keys("SMB/WindowsVersion");
 script_require_ports(139, 445);
 script_tag(name : "summary" , value : tag_summary);
 exit(0);
}

port = get_kb_item("SMB/transport");
if(!port)port = 139;

access = get_kb_item("SMB/registry_full_access");
if(!access)exit(0);

fpc = get_kb_item("SMB/Registry/HKLM/SOFTWARE/Microsoft/Fpc");
if (!fpc) exit(0);

fix = get_kb_item("SMB/Registry/HKLM/SOFTWARE/Microsoft/Fpc/Hotfixes/SP1/408");
if(!fix)security_message(port);

28 Apr 2017 00:00Current

6.5Medium risk

Vulners AI Score6.5

EPSS0.10083