299 matches found
February 2014 Microsoft Patch Tuesday Security Bulletins
February’s Microsoft Patch Tuesday promises to be a relatively straightforward set of bulletins, but more noteworthy is that it’s the same day Microsoft officially deprecates the MD5 hash algorithm. Announced last August, Microsoft will officially restrict the use of digital certificates with MD5...
MS Security Advisory 2846338: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file can result in arbitrary code execution. This plugin checks if a vulnerable version of MMPE is being used by any of the following applications : - Microsoft Forefro...
Microsoft Malware Protection Engine CVE-2013-1346 Remote Code Execution Vulnerability
Description Microsoft Malware Protection Engine is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code with LocalSystem account privileges. Failed exploit attempts will result in a denial-of-service condition. Microsoft Malware Protection...
MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)
This host is missing an important security update according to Microsoft Bulletin MS11-079. OpenVAS Vulnerability Test $Id: secpodms11-079.nasl 5958 2017-04-17 09:02:19Z teissa $ MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities 2544641 Authors: Madhuri D Copyright:...
Microsoft Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)
This host is missing an important security update according to Microsoft Bulletin MS11-079. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
Design/Logic Flaw
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
CVE-2010-5144
The CVE-2010-5144 issue affects the ISAPI Filter plug-in used with Websense Enterprise, Websense Web Security, and Websense Web Filter (versions 6.3.3 and earlier) when deployed behind Microsoft ISA or Forefront TMG. The vulnerability allows remote attackers to bypass intended filtering and monit...
MS12-026: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860) (uncredentialed check)
Binary data forefrontuagms12-026.nbin...
Microsoft Forefront Unified Access Gateway (UAG) Detection
Detects the installed version of Microsoft Forefront Unified Access Gateway. The script logs in via smb, searches for Microsoft Forefront Unified Access Gateway in the registry and gets the version from registry. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted...
MS Forefront Unified Access Gateway Information Disclosure Vulnerability (2663860)
This host is missing an important security update according to Microsoft Bulletin MS12-026. OpenVAS Vulnerability Test $Id: secpodms12-026.nasl 6018 2017-04-24 09:02:24Z teissa $ MS Forefront Unified Access Gateway Information Disclosure Vulnerability 2663860 Authors: Madhuri D Copyright: Copyrig...
Microsoft Forefront Unified Access Gateway URI公开重定向漏洞(MS12-026)
BUGTRAQ ID: 52903 CVE ID: CVE-2012-0146 Forefront Unified Access Gateway(UAG)是一款远程访问和协作软件。 Microsoft Forefront Unified Access Gateway UAG中存在可导致信息泄露的欺骗漏洞, 攻击者重定向UAG服务器的网络流量,发送恶意链接并诱使用户单击,利用此漏洞获取敏感信息。 0 Microsoft Forefront UAG 2010 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-026)以及相应补丁:...
Microsoft Forefront Unified Access Gateway信息泄露漏洞(MS12-026)
BUGTRAQ ID: 52909 CVE ID: CVE-2012-0147 Forefront Unified Access Gateway(UAG)是一款远程访问和协作软件。 Microsoft Forefront Unified Access Gateway UAG中存在漏洞,未验证用户可访问UAG服务器的默认网站,获取敏感信息。 0 Microsoft Forefront UAG 2010 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-026)以及相应补丁: MS12-026:Vulnerabilities in...
Microsoft Forefront Unified Access Gateway Information Disclosure Vulnerability (2663860)
This host is missing an important security update according to Microsoft Bulletin MS12-026. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Forefront Unified Access Gateway information leakage
Request redirection, access restrictions bypass...
MS12-026: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
The version of Forefront Unified Access Gateway UAG running on the remote host has multiple vulnerabilities : - A spoofing vulnerability that could allow an attacker to redirect a victim to a malicious website. An attacker would have to trick the victim into clicking a specially crafted link in...
CVE-2012-0146
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...
CVE-2012-0147
Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."...
Default credentials
Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."...
Open redirect
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...