Microsoft ISA Server HTTP Request Smuggling Vulnerability

Bugtraq ID: 13956
Class: Input Validation Error
CVE: CVE-2005-1215
Remote: Yes
Local: No
Published: Jun 14 2005 12:00AM
Updated: Jul 12 2009 02:56PM
Credit: Steve Orrin of Watchfire is credited with the discovery of this issue.
Vulnerable: Microsoft ISA Server 2000 Enterprise Edition SP2
Microsoft ISA Server 2000 Enterprise Edition SP1
Microsoft ISA Server 2000 Enterprise Edition
Microsoft ISA Server 2000 SP2
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
Microsoft ISA Server 2000 SP1
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft ISA Server 2000 FP1
Microsoft ISA Server 2000
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server
Not Vulnerable: Microsoft ISA Server 2004


 

Privacy Statement
Copyright 2010, SecurityFocus