Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability

It has been reported that the H.323 filter used by Microsoft ISA Server 2000 is prone to a remote buffer overflow vulnerability. The condition presents itself due to insufficient boundary checks performed by the Microsoft Firewall Service on specially crafted H.323 traffic.

Successful exploitation of this vulnerability may allow a remote attacker to execute arbitrary code in the context of Microsoft Firewall Service running on ISA Server 2000. This may lead to complete control of the vulnerable system.


Privacy Statement
Copyright 2010, SecurityFocus