53 matches found
EUVD-2018-4531
Malware in sbrugna...
MS10-089: Vulnerabilities in Forefront Unified Access Gateway and Microsoft Intelligent Application Gateway could cause elevation of privilege
Resolves vulnerabilities in Forefront Unified Access Gateway UAG that could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS10-089. To view the complete security bulletin, visit the following...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
CVE-2018-12571 affects Microsoft Forefront Unified Access Gateway 2010. The vulnerability arises in uniquesig0/InternalSite/InitParams.aspx where a comma-separated orig_url list can trigger outbound DNS queries to arbitrary hosts, enabling potential traffic amplification and/or SSRF. POCs and dis...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vulnerability
Microsoft Forefront Unified Access Gateway is an SSL VPN gateway server from Microsoft. Microsoft Forefront Unified Access Gateway 2010 external DNS interaction vulnerability allows remote attackers to Trigger URLs in the outbound DNS query origurl parameter from arbitrary hosts via a...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction
Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vendor Homepage: https://www.microsoft.com/ Version: 2010 CVE : CVE-2018-12571 Proof of Concept 1 Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for...
MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)
This host is missing an important security update according to Microsoft Bulletin MS11-079. OpenVAS Vulnerability Test $Id: secpodms11-079.nasl 5958 2017-04-17 09:02:19Z teissa $ MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities 2544641 Authors: Madhuri D Copyright:...
Microsoft Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)
This host is missing an important security update according to Microsoft Bulletin MS11-079. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS12-026: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860) (uncredentialed check)
Binary data forefrontuagms12-026.nbin...
Microsoft Forefront Unified Access Gateway (UAG) Detection
Detects the installed version of Microsoft Forefront Unified Access Gateway. The script logs in via smb, searches for Microsoft Forefront Unified Access Gateway in the registry and gets the version from registry. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted...
MS Forefront Unified Access Gateway Information Disclosure Vulnerability (2663860)
This host is missing an important security update according to Microsoft Bulletin MS12-026. OpenVAS Vulnerability Test $Id: secpodms12-026.nasl 6018 2017-04-24 09:02:24Z teissa $ MS Forefront Unified Access Gateway Information Disclosure Vulnerability 2663860 Authors: Madhuri D Copyright: Copyrig...
Microsoft Forefront Unified Access Gateway URI公开重定向漏洞(MS12-026)
BUGTRAQ ID: 52903 CVE ID: CVE-2012-0146 Forefront Unified Access Gateway(UAG)是一款远程访问和协作软件。 Microsoft Forefront Unified Access Gateway UAG中存在可导致信息泄露的欺骗漏洞, 攻击者重定向UAG服务器的网络流量,发送恶意链接并诱使用户单击,利用此漏洞获取敏感信息。 0 Microsoft Forefront UAG 2010 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-026)以及相应补丁:...
Microsoft Forefront Unified Access Gateway信息泄露漏洞(MS12-026)
BUGTRAQ ID: 52909 CVE ID: CVE-2012-0147 Forefront Unified Access Gateway(UAG)是一款远程访问和协作软件。 Microsoft Forefront Unified Access Gateway UAG中存在漏洞,未验证用户可访问UAG服务器的默认网站,获取敏感信息。 0 Microsoft Forefront UAG 2010 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-026)以及相应补丁: MS12-026:Vulnerabilities in...
Microsoft Forefront Unified Access Gateway Information Disclosure Vulnerability (2663860)
This host is missing an important security update according to Microsoft Bulletin MS12-026. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS12-026: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
The version of Forefront Unified Access Gateway UAG running on the remote host has multiple vulnerabilities : - A spoofing vulnerability that could allow an attacker to redirect a victim to a malicious website. An attacker would have to trick the victim into clicking a specially crafted link in...
CVE-2012-0146
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...
CVE-2012-0147
Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."...
Open redirect
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...
CVE-2012-0146
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...