Microsoft Forefront Unified Access Gateway Spoofing Vulnerability

2010-11-09T00:00:00
ID SMNTC-44631
Type symantec
Reporter Symantec Security Response
Modified 2010-11-09T00:00:00

Description

Description

Microsoft Forefront Unified Access Gateway (UAG) is prone to a spoofing vulnerability. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may allow the attacker to masquerade as a legitimate server, aiding in further attacks.

Technologies Affected

  • Microsoft Forefront Unified Access Gateway 2010
  • Microsoft Forefront Unified Access Gateway 2010 Update 1
  • Microsoft Forefront Unified Access Gateway 2010 Update 2

Recommendations

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of suspicious or anomalous traffic.

Do not accept communications that originate from unknown or untrusted sources.
Restrict access to only trusted computers or devices. Block traffic that originates from unlikely or impossible source addresses.

The vendor released an advisory and fixes to address this issue. Please see the references for more information.