Microsoft ISA Server NetBIOS Predefined Filter Policy Bypass Vulnerability

info
discussion
exploit
solution
references

Microsoft ISA Server NetBIOS Predefined Filter Policy Bypass Vulnerability

Microsoft Internet Security and Acceleration (ISA) server is prone to a policy bypass vulnerability. Reports indicate that the issue manifests when a Microsoft ISA server is utilizing the 'NetBIOS (all)' predefined filter.

A remote attacker may leverage this vulnerability to successfully make NetBIOS connections to NetBIOS based services that exist on a target ISA server.