|
|
Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability
|
Bugtraq ID:
|
11605
|
|
Class:
|
Design Error
|
|
CVE:
|
CAN-2004-0892
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Nov 04 2004 12:00AM
|
|
Updated:
|
Nov 04 2004 12:00AM
|
|
Credit:
|
Discovery is credited to Martijn de Vries and Thomas de Klerk of of Info Support.
|
|
Vulnerable:
|
Microsoft Small Business Server 2003
Microsoft Small Business Server 2000 0
Microsoft Proxy Server 2.0 SP1
Microsoft Proxy Server 2.0
-
Microsoft BackOffice 4.5
-
Microsoft BackOffice 4.5
-
Microsoft Windows NT 4.0
-
Microsoft Windows NT 4.0
Microsoft ISA Server 2000 SP2
+
Microsoft Small Business Server 2000 0
+
Microsoft Small Business Server 2003 Premium Edition
Microsoft ISA Server 2000 SP1
+
Microsoft Small Business Server 2000 0
+
Microsoft Small Business Server 2003 Premium Edition
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
Microsoft ISA Server 2000
+
Microsoft Small Business Server 2000 0
+
Microsoft Small Business Server 2003 Premium Edition
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Server
|
|
|
|
Not Vulnerable:
|
Microsoft ISA Server 2004
|
|
|
