EUVD-2001-0539

Malware in sbrugna...

Microsoft ISA Server 2000站点和内容规则绕过漏洞

Microsoft Internet Security和Acceleration Server 2000是一款微软开发的防火墙和代理服务器程序。 Microsoft ISA Server的站点和内容访问规则实现存在问题，远程攻击者可以利用这个漏洞绕过这些规则，访问限制资源。 如果在请求的域名增加点'.'字符，可绕过代理服务器的过滤器，访问管理员规定的限制的资源和内容。如站点和内容规则设置对www.example.com进行拒绝访问，但是用户可以通过如下格式访问目标地址： www.example.com. Microsoft ISA Server 2000 Microsoft ISA...

Vulnerability in Microsoft ISA Server 2000 H.323 Filter (816458)

A security vulnerability exists in the H.323 filter for Microsoft Internet Security and Acceleration Server 2000 that could allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000. SPDX-FileCopyrightText: 2004 Jeff Adams...

Vulnerability in Microsoft ISA Server 2000 H.323 Filter(816458)

A security vulnerability exists in the H.323 filter for Microsoft Internet Security and Acceleration Server 2000 that could allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000. An attacker who successfully exploited...

CVE-2001-1533

CVE-2001-1533 affects Microsoft Internet Security and Acceleration (ISA) Server 2000. A denial of service can be triggered by a flood of fragmented UDP packets. Several sources note the vendor disputes the issue, claiming it requires high bandwidth and does not cause instability, suggesting it ma...

Microsoft Security Bulletin MS05-034 Cumulative Security Update for ISA Server 2000 (899753)

Microsoft Security Bulletin MS05-034 Cumulative Security Update for ISA Server 2000 899753 Issued: June 14, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Internet Security and Acceleration ISA Server 2000 Impact of Vulnerability: Elevation of Privilege Maxim...

CVE-2005-1216

Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS all predefined packet filter...

CVE-2005-1215

CVE-2005-1215 relates to ISA Server 2000's handling of HTTP requests with multiple Content-Length headers, enabling remote attackers to poison the cache or bypass content restrictions. The vulnerability arises from malformed HTTP content-length processing, potentially causing cached or redirected...

CVE-2005-1215

Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers...

MS05-034: Cumulative Update for ISA Server 2000 (899753)

The remote host is missing a cumulative update for ISA Server 2000 that fixes several security flaws that could allow an attacker to elevate his privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18487; scriptversion"1.37"; scriptcvsdate"Date: 2018/11/15...

CVE-2005-1907

The ISA Firewall service in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service Wspsrv.exe crash via a large amount of SecureNAT network traffic...

[NT] Microsoft ISA Server 2000 DoS

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Microsoft ISA Server 2000 firewall DoS

Microsoft Internet Security and Acceleration Server's Firewall crashes when heavy network traffic is received from a SecureNAT client...

CVE-2005-1907

The ISA Firewall service in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service Wspsrv.exe crash via a large amount of SecureNAT network traffic...

Microsoft Private Communication Technology (PCT) fails to properly validate message inputs

Overview A vulnerability exists in the Private Communications Transport PCT protocol, which is part of the Microsoft Secure Sockets Layer SSL library. Exploitation of this vulnerability may permit a remote attacker to compromise the system. An exploit for this issue currently being used to...

CVE-2003-0526

The CVE-2003-0526 entry describes a cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000. The flaw allows remote attackers to inject arbitrary web script via a URL whose domain name portion contains the attack payload. The vulnerability arises...

Microsoft ISA Server 2000 - Cross-Site Scripting

Microsoft ISA Server 2000 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the...

CVE-2003-0011

Microsoft ISA Server DNS – Denial Of Service (MS03-009): A vulnerability exists in the ISA Server 2000 DNS intrusion detection application filter that can be exploited by a specially formed DNS request to cause a denial of service in DNS services. Public references describe that the attacker can ...

CVE-2001-0547

CVE-2001-0547 describes a memory leak in the proxy service of Microsoft Internet Security and Acceleration (ISA) Server 2000 that allows local attackers to cause a denial of service through resource exhaustion. The affected product is ISA Server 2000 (proxy service component); the underlying caus...

CVE-2001-0546

The CVE-2001-0546 issue affects Microsoft Internet Security and Acceleration (ISA) Server 2000, specifically the H.323 Gatekeeper Service. A memory leak is triggered by large amounts of malformed H.323 data, allowing remote attackers to exhaust memory and cause a denial of service (resource exhau...