CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

CVE-2003-0819

CVE-2003-0819 is a buffer-overflow vulnerability in the H.323 filter of Microsoft ISA Server 2000 that could allow remote code execution in the Microsoft Firewall Service via crafted H.323 traffic. OpenVAS entries corroborate a remote-code-execution risk; affected product is ISA Server 2000 (Gold...

CVE-2002-0371

CVE-2002-0371 corresponds to a buffer overflow in the gopher client handling responses in Microsoft Internet Explorer (5.1–6.0) and related components (Proxy Server 2.0, ISA Server 2000). The CERT/CC entry (VU-440275) describes an overflow when processing gopher replies, allowing arbitrary code e...

CVE-2004-0892

CVE-2004-0892 describes a spoofing vulnerability in ISA Server 2000 and Proxy Server 2.0 (also in Small Business Server 2000/2003 Premium) where reverse-DNS cache results can be manipulated to spoof trusted Internet content on a crafted page. Connected data confirms the bug exists in these produc...

CVE-2003-0110

The CVE-2003-0110 issue affects Microsoft Proxy Server 2.0 and ISA Server 2000, specifically the Winsock Proxy/WinSock Proxy service (wspsrv.exe) that binds UDP port 1745. A spoofed, malformed UDP packet can trigger a denial-of-service, causing CPU exhaustion or a packet storm on the remote host....