TITLE: Microsoft ISA Server 2000 Various Security Issues SECUNIA ADVISORY ID: SA11799 VERIFY ADVISORY: http://secunia.com/advisories/11799/ CRITICAL: Moderately critical IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS WHERE: >From remote SOFTWARE: Microsoft ISA Server 2000 DESCRIPTION: Microsoft has issued Service Pack 2 for ISA Server 2000. This includes patches for all previously reported vulnerabilities as well as older hot fixes, where some address potential security issues. 1) ICMP traffic is not blocked by the ISA Server 2000 while starting up, even though it has been restricted in the firewall policies. This allows malicious people to detect the presence of the system during a short period of time. 2) In certain cases, basic credentials may be sent over external HTTP connections even though this has been configured as SSL required. This may potentially disclose sensitive information to certain people, who are able to intercept the traffic. 3) The web proxy service may crash during the processing of HTTP redirect actions, when a content rule denies access. 4) Certain site and content rules can be bypassed when access to specific destinations are denied due to a canonicalization error. The problem is that a rule may not apply if a user requests an URL with a period (.) appended to the end. Example: http://www.restricted_site.com. 5) Under certain circumstances, a malformed SSL packet may crash the web proxy when "web publishing" a SSL web site. SOLUTION: Apply Service Pack 2. http://www.microsoft.com/downloads/details.aspx?FamilyId=C8D3D98B-1CD4-406A-A04A-2AA2547D09A3&displaylang=en PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: ISA Server 2000 Service Pack 2 Release Notes: http://support.microsoft.com/default.aspx?kbid=816460 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org ----------------------------------------------------------------------