|
Microsoft ISA Server / Proxy Server Internet Content Spoofing Vulnerability
|
|
Secunia Advisory:
|
SA13147
|
|
|
Release Date:
|
2004-11-09
|
|
Last Update:
|
2004-11-17
|
|
Popularity:
|
17,655 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Spoofing
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Microsoft ISA Server 2000
Microsoft Proxy Server 2.x
Microsoft Small Business Server 2000
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Martijn de Vries and Thomas de Klerk have reported a vulnerability in Microsoft ISA Server 2000 and Proxy Server 2.0, which can be exploited by malicious people to spoof Internet content.
The vulnerability is caused due to an error within the method used for caching results of reverse lookups. The problem is that reverse lookups results are used for forward lookups. This can be exploited by making the server perform a reverse lookup for an IP address and then supply a spoofed reverse lookup response for an arbitrary domain name.
Successful exploitation poisons the DNS cache and may result in users unknowingly accessing malicious web sites when attempting to access a trusted web site.
NOTE: Exploitation does not allow spoofing of SSL certificates on HTTPS sites.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
