Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
Home  Ask the Team  Mailing Lists  Advertising Info  Advisories  About SecuriTeam  Blogs Brought to you by: Suppliers of: Website Testing Tools Network Testing Tools Software Testing Tools SecuriTeam in Your Inbox New vulnerability? New tool? Tell us (Our PGP key). Network Enabled Discount: SecuriTeam5_SANS Promo With Us Subjects of Interest: Vulnerability Management SQL Injection Buffer Overflows Active Network Scanning Fuzzing Fuzzer Report Network Security Network Scanner Pen Testing Security Scanner Scanner Review Fuzzer Review Web Scanner Review	Microsoft ISA Server 2004 Log Manipulation 4 May. 2006    Summary "Microsoft Internet Security and Acceleration (ISA) Server 2004 is the advanced stateful packet and application-layer inspection firewall, virtual private network (VPN), and Web cache solution that enables enterprise customers to easily maximize existing information technology (IT) investments by improving network security and performance." There is a Log Manipulation vulnerability in Microsoft ISA Server 2004, which when exploited will enable a malicious user to manipulate the Destination Host parameter of the log file.   Credit: The information has been provided by Noam Rathaus using the beSTORM fuzzer. The original article can be found at: http://www.beyondsecurity.com/besirt/advisories/042006-001-ISA-LM.txt Free Website Security Scan Free Fuzzer Report Vulnerability Assessment Detect web app vulnerabilities University study comparing the top Accurate and automated scanning Get guidance from professionals. 6 commercially availble fuzzers. for networks of any size.    Details Protect your website! Free Trial, Nothing to install. No interruption of visitors. www.beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Microsoft ISA Server 2004 By sending the following request to the server: GET / HTTP/1.0 Host: %01%02%03%04 Transfer-Encoding: whatever We were able to insert arbitrary characters, in this case the ASCII characters 0x01,0x02, 0x03, 0x04 (respectively) into the Destination Host parameter of the log file. This has been found after 3 days of running the beSTORM fuzzer at 600+ Sessions per Second while monitoring the ISA Server log file for problems. Vendor response: "Microsoft does not consider this issue to be a security vulnerability." Disclosure Timeline: Reported to vendor: December, 2005 Public release date: 4th of May, 2006  Comments: blog comments powered by Disqus	Related Articles Microsoft Windows Local Privilege Escalation Vulnerabilities Microsoft Office Use After Free Memory Corruption Vulnerabilities Microsoft Internet Explorer Execute Arbitrary Code Remote Memory Corruption Vulnerabilities Microsoft Internet Explorer Cross-Domain Information Disclosure Vulnerabilities Microsoft Windows TCP/IP Stack Privilege Escalation Vulnerabilities Microsoft Windows OLE Code Execution Vulnerabilities Microsoft Internet Explorer Cross-Domain Execute Arbitrary Code Vulnerabilities Microsoft SharePoint Server Privilege Escalation Vulnerabilities Microsoft Office Invalid Pointer Memory Corruption Vulnerabilities Microsoft Internet Explorer Privilege Escalation Vulnerabilities Microsoft Windows Kernel Mode Driver Denial Of Service Vulnerabilities Microsoft Secure Channel Code Execution Vulnerabilities Microsoft Internet Explorer Denial-Of-Service Memory Corruption Vulnerabilities Microsoft Internet Explorer Cross-Domain Obtain Sensitive Information Vulnerabilities Microsoft OLE Automation Array Code Execution Vulnerabilities Microsoft XML Core Services Remote Code Execution Vulnerabilities Microsoft Internet Explorer Cross-Domain Memory Corruption Vulnerabilities Microsoft Windows Kerberos Checksum Remote Privilege Escalation Vulnerabilities Microsoft Windows Audio Service Privilege Escalation Vulnerabilities Microsoft Input Method Editor (IME) For Japanese Remote Privilege Escalation Vulnerabilities  Featured Articles Microsoft Windows Graphics Component Remote Code Execution Vulnerabilities Microsoft Windows Local Remote Procedure Call (LRPC) Server Spoofing LPC Port Message Handling Local Stack Buffer Overflow Vulnerability Microsoft SharePoint Server Multiple Component Crafted Page Content Handling Remote Code Execution Vulnerability Microsoft Windows Win32k.sys RFONTOBJ bTextExtent Function Handling Local Integer Overflow DoS Vulnerability Microsoft Windows Kernel Memory Object Handling Race Condition Local Privilege Escalation (2013-1294) Vulnerability Microsoft Windows Win32k.sys Memory Object Handling Race Condition Local Privilege Escalation (2013-1283) Vulnerability Microsoft Visio Viewer Tree Object Type Confusion Visio File Handling Arbitrary Code Vulnerability Microsoft Office for Mac HTML5 Email Message Unspecified Content Tag Loading Information Disclosure Vulnerability Microsoft SharePoint Callback Function URL Handling Privilege Escalation Vulnerability Microsoft Windows USB Driver Memory Object Handling Local Privilege (2013-1287) Vulnerability Microsoft Windows USB Driver Memory Object Handling Local Privilege Escalation Vulnerability Microsoft Windows Kernel Memory Object Handling Local Privilege Escalation Vulnerability Microsoft Windows SSL/TSL Forced Downgrade MitM Weakness Microsoft Windows Memory Object Handling Local Memory Privilege Escalation Vulnerability Microsoft Windows Privilege Escalation Vulnerability Microsoft .NET Framework Serialization Remote Code Execution Vulnerability Microsoft Visio Viewer VSD File Format Remote Code Execution Vulnerability Microsoft .NET Framework Input Serialization CVE-2012-0160 Remote Code Execution Vulnerability Microsoft .NET Framework ASP.NET Forms Authentication Bypass Vulnerability 'TrendMicro Control Manager CASProcessor.exe BLOB Code Execution Vulnerability'
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®