Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2002-07-03 |
| Product | Isa Server | Last view | 2005-01-27 |
| Version | 2000 | Type | Application |
| Update | sp1 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:isa_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2005-01-27 | CVE-2004-0892 | Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. |
| 6.8 | 2003-08-18 | CVE-2003-0526 | Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found." |
| 5 | 2003-05-05 | CVE-2003-0110 | The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. |
| 5 | 2003-03-24 | CVE-2003-0011 | Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. |
| 7.5 | 2002-07-03 | CVE-2002-0371 | Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-63 | Simple Script Injection |
| CAPEC-73 | User-Controlled Filename |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 14396 | Microsoft ISA DNS Intrusion Detection Filter DoS |
| 11579 | Microsoft ISA Server / Proxy Server Internet Content Spoofing |
| 6967 | Microsoft ISA Server 2000 UDP Packet Winsock DoS |
| 3004 | Microsoft IE Gopher Client Overflow |
| 2320 | Microsoft ISA Server HTTP Error Handler XSS |
| 2298 | Microsoft ISA Server Error Page XSS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2005-11-03 | Name : Microsoft ISA Server DNS - Denial Of Service (MS03-009) File : nvt/smb_nt_ms03-009.nasl |
| 2005-11-03 | Name : ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258) File : nvt/smb_nt_ms04-039.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft ISA Server DNS spoofing attempt RuleID : 15988 - Type : OS-WINDOWS - Revision : 6 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2004-11-13 | Name: It is possible to spoof the content of the remote proxy server. File: smb_nt_ms04-039.nasl - Type: ACT_GATHER_INFO |
| 2003-04-13 | Name: It is possible to launch a denial of service attack against the remote proxy ... File: smb_nt_ms03-012.nasl - Type: ACT_GATHER_INFO |
| 2003-03-21 | Name: It is possible to launch a denial of service attack against the remote DNS ap... File: smb_nt_ms03-009.nasl - Type: ACT_GATHER_INFO |
| 2003-03-02 | Name: The HTTP proxy accepts gopher:// requests. File: proxy_gopher.nasl - Type: ACT_GATHER_INFO |
