Check Point Advisories

Update Protection against Microsoft ISA Server Manipulation Vulnerability

Check Point Reference: CPAI-2006-061
Date Published: 6 Jun 2006
Severity: Medium
Last Updated: Monday 07 May, 2007
Source: SecuriTeam
Protection Provided by:
Who is Vulnerable? Microsoft ISA Server 2004
Vulnerability Description ISA Server 2004 is an application-layer firewall, virtual private network (VPN), and Web cache solution. A Log Manipulation vulnerability was reported in Microsoft ISA Server 2004. When  exploited, the vulnerability will enable an attacker to manipulate the Destination Host parameter of the log file.
Vulnerability DetailsBy sending a specific GET request to the server, it is possible to insert arbitrary ASCII characters into the Destination Host parameter of the log file.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK