Security Bulletin MS01-021

---------------------------------------------------------------------- Title: Invalid Web Request Can Cause Access Violation in ISA Server Web Proxy Service Date: 16 April 2001 Software: ISA Server 2000 Impact: Denial of service Bulletin: MS01-021 Microsoft encourages customers to review the...

Microsoft ISA Server 2000 Web Proxy - Denial of Service

// source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy service could stop responding. This vulnerability is only...

FTPGate Web Proxy Traversal Arbitrary File Access

It is possible to read arbitrary files on the remote server by prepending ../../ or ....\ in front of the file name. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10091; scriptversion "1.24"; scriptcvsdate"Date: 2018/08/10 18:07:08"; scriptnameenglish:"FTPGate Web...

National Science Foundation Squid Web Proxy 1.01.12.1 - Authentication Failure

National Science Foundation Squid Web Proxy 1.01.12.1 - Authentication Failure source: https://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when use...

National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure

source: https://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when users of the cache are using an external authenticator. The following is quoted fr...

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection source: https://www.securityfocus.com/bid/2059/info The 'cachemgr.cgi' module is a management interface for the Squid proxy service. It was installed by default in '/cgi-bin' by Red Hat Linux 5.2 and 6.0 installed with Squid. This script...

HTTP Proxy Open Relay Detection

The remote web proxy accepts unauthenticated HTTP requests from the Nessus scanner. By routing requests through the affected proxy, a user may be able to gain some degree of anonymity while browsing websites, which will see requests as originating from the remote host itself rather than the user'...

Security Update for Forefront Threat Management Gateway, Medium Business Edition (KB 968075)

This update resolves the issues described in Knowledge Base article 968075 Forefront TMG, Medium Business Edition: • Forefront TMG MBE Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • Forefront TMG MBE forms-based authentication m...

Security Update for ISA Server 2004 Standard Edition (KB 960995)

This update resolves the issues described in Knowledge Base articles 960995 ISA Server 2004: • ISA Server 2004 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets...

Security Update for ISA Server 2006 Supportability Pack (KB 968078)

This update resolves the issues described in Knowledge Base article 968078 ISA Server 2006: • ISA Server 2006 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • ISA Server 2006 forms-based authentication may allow a browser to be...

Security Update for ISA Server 2006 SP1 (KB 968078)

This update resolves the issues described in Knowledge Base article 968078 ISA Server 2006: • ISA Server 2006 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • ISA Server 2006 forms-based authentication may allow a browser to be...