Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability

Bugtraq ID: 13955
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Jun 14 2005 12:00AM
Updated: Jun 14 2005 12:00AM
Credit: Discovery of this issue is credited to Han Valk.
Vulnerable: Microsoft ISA Server 2000 Enterprise Edition SP2
Microsoft ISA Server 2000 Enterprise Edition SP1
Microsoft ISA Server 2000 Enterprise Edition
Microsoft ISA Server 2000 SP2
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
Microsoft ISA Server 2000 SP1
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft ISA Server 2000
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server
Not Vulnerable: Microsoft ISA Server 2004


 

Privacy Statement
Copyright 2010, SecurityFocus