54 matches found
EUVD-2001-0539
Malware in sbrugna...
EUVD-2010-5103
Malware in sbrugna...
CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
CVE-2001-1533
Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability...
Microsoft ISA Server 2000 Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the request was made fo...
CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
Design/Logic Flaw
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
CVE-2010-5144
The CVE-2010-5144 issue affects the ISAPI Filter plug-in used with Websense Enterprise, Websense Web Security, and Websense Web Filter (versions 6.3.3 and earlier) when deployed behind Microsoft ISA or Forefront TMG. The vulnerability allows remote attackers to bypass intended filtering and monit...
Design/Logic Flaw
Microsoft Internet Security and Acceleration ISA Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication method, which allows remote attackers to gain the privileges of an arbitrary account, and access published web pages, via vectors involving attempted access to...
MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)
The version of Microsoft Internet Security and Acceleration ISA Server 2006 installed on the remote host may allow an unauthenticated attacker with knowledge of administrator account usernames to gain access to published resources in the context of such a user without having to authenticate with...
Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
Description Microsoft ISA Server is prone to an authentication-bypass vulnerability. An attacker with knowledge of a valid account name can exploit this issue to bypass authentication and gain access to arbitrary resources within the context of the selected account. Technologies Affected Microsof...
CVE-2009-1348
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via 1 an invali...
Microsoft ISA Server和Forefront TMG跨站脚本漏洞(MS09-016)
BUGTRAQ ID: 34416 CVECAN ID: CVE-2009-0237 Microsoft ISA Server和Forefront TMG都是微软产品家族中的安全组件,可提供防火墙、安全网关等功能。 ISA Server或Forefront TMG中的HTML表单认证组件cookieauth.dll没有正确地对HTTP流执行输入验证,允许恶意脚本代码扮演为运行cookieauth.dll的服务器在其他用户的设备上运行,导致跨站脚本攻击。 Microsoft ISA Server 2006可支持性升级 Microsoft ISA Server 2006 SP1...
Workaround for Microsoft ISA Server TCP State Limited Denial of Service Vulnerability (MS09-016)
A denial of service vulnerability has been reported in Microsoft Internet Security and Acceleration ISA Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN endpoint, and provides Internet Access for...
Microsoft ISA Server and Forefront Threat Management Gateway Denial of Service Vulnerability
Description Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability. A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users. Technologies Affected...
MS09-016: Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway Could Cause Denial of Service (961759)
The version of Microsoft ISA Server or Forefront Threat Management Gateway installed on the remote host is affected by one or both of the following vulnerabilities : - By sending a series of specially crafted packets, an anonymous remote attacker can create orphaned open sessions in the firewall...
Preemptive Protection against Microsoft ISA Server Cross-Site Scripting (XSS) Vulnerability (MS09-016)
A cross-site scripting XSS vulnerability has been reported in the cookieauth.dll component in Microsoft Internet Security and Acceleration ISA Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN...
Design/Logic Flaw
The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...
Microsoft ISA Server proxy / firewall multiple vulnerabilities
Cache poisoning problem, NetBIOS predefined filter vulnerability...
Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability
Description Microsoft Internet Security and Acceleration ISA server is prone to an information disclosure vulnerability. Reports indicate that the issue manifests when an ISA server is publishing a Web service that has Basic authentication enabled, but the Web publishing rules that process the...