CVE-2009-1135
CVE-2009-1135 affects Microsoft ISA Server 2006 (Gold/SP1) when Radius OTP is enabled. The vulnerability stems from ISA Server using HTTP-Basic authentication for Radius OTP-enabled requests, which can let a remote attacker impersonate a valid user and access published web resources behind the IS...