Vulnerability In ISA Server 2000 And Proxy Server 2.0 Could Allow Internet Content
An attacker would first have to persuade a user view content that causes a reverse lookup to occur. When ISA Server 2000 and Proxy Server 2.0 do reverse DNS lookups, these applications save the resulting PTR and A records in the cache. Revisions: V1.0 (November 9, 2004): Bulletin published V2.0 (November 9, 2004): Bulletin updated to reflect the release of an updated ISA Server 2000 security update for the German language only. General Information Executive Summary Executive Summary: This update resolves a newly-discovered, privately reported vulnerability. this contact form
We recommend that customers install the update at the earliest opportunity. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fpc\Hotfixes\SP1\408 Alternatively you can follow these steps to verify that the security update has installed: Click Start, click Settings, and then click Control Panel. The Web cache helps improve network performance by storing local copies of frequently-requested Web content. SMS can help detect if there are programs installed that may have installed a version of the vulnerable component.
This would likely cause a warning message to appear to the user.Microsoft Small Business Server 2000 and 2003 include the affected software. This documentation is archived and is not being maintained. After the release of the MS04-039 security bulletin, Microsoft became aware of an issue affecting ISA Server 2000 Service Pack 1 customers.
You’ll be auto redirected in 1 second. The firewall helps protects the network by regulating which resources can be accessed through the firewall, and under what conditions. In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to attempt to exploit this vulnerability. If you install this security update while using ISA Server 2000 Service Pack 1 or ISA Server 2000 Feature Pack 1, then install ISA Server 2000 Service Pack 2, and then
The original version of this security update did protect against the vulnerability described in this security bulletin. What causes the vulnerability? John Savill provides 12 hours of detailed instruction covering all the key aspects of a Hyper-V based virtualization environment covering both capabilities in Windows Server 2012 R2 and Windows Server 2016. have a peek at these guys Symantec AntiVirus Due to the severity and nature of this threat, we will not be releasing updates at this time.
The exploit is done by changing the reverse look-up zone stored in the cache. https://www.microsoft.com/en-us/download/details.aspx?id=11450 At the end of this class, attendees will be able to architect and manage an enterprise-level Hyper-V environment. What is a reverse lookup? The update removes the vulnerability by modifying the way that the affected products cache reverse lookup results.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. Safeguards Administrators are advised to apply the appropriate patches. Other versions either no longer include security update support or may not be affected. navigate here Microsoft received information about this vulnerability through responsible disclosure.
Database administrator? Customers using these software programs should install the provided ISA Server 2000 security update.Microsoft Small Business Server 2000Microsoft Small Business Server 2003 Premium Edition Non-Affected Software: Microsoft Internet Security and Acceleration The first time a reverse lookup is performed for a particular IP address, an attacker could provide a spoofed reverse lookup response for a domain name that they are not authoritative
Could the vulnerability be exploited over the Internet?
Proxy Server 2.0 and ISA Server 2000 cache the results of a reverse lookup and use that result for a forward (normal) lookup. Even if an attacker is able to display the malicious Web content to a client of the ISA Server 2000 or Proxy Server 2.0 system, the attacker would then have to International customers can receive support from their local Microsoft subsidiaries. Although SMS cannot detect the affected software using MBSA, administrators can use SMS to find the affected files and update them.
Proxy Server 2.0: Date Time Version Size File name
27-Oct-2004 18:18 2.0.390.16 43,280 W3pcache.dll
27-Oct-2004 18:26 2.0.390.16 192,784 W3proxy.dll
27-Oct-2004 18:18 2.0.390.16 97,040 Wspsrv.exe Note The file versions of these The original version of the ISA Sever 2000 security update did not include all of the required binaries on systems using ISA Server 2000 Service Pack 1. Select Security Update for Microsoft ISA Server 2000 (KB 888258), and then click Add/Remove. his comment is here In DNS, a reverse lookup is a query process by which the IP address of a host computer is searched to find its friendly DNS domain name.
The original version of the security update was designed to require Windows 2000 Service Pack 4. What does the update do? All rights reserved. You can also deploy this update using the Inventory and Software Distribution feature of SMS.
This vulnerability could enable an attacker to spoof trusted Internet content. In the list of files, right-click a file name from the appropriate file information table, and then click Properties.Note Depending on the version of the operating system or programs installed, some Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. Looking to get things done in web development?
The Web cache helps improve network performance by storing local copies of frequently-requested Web content. When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Microsoft Baseline Security Analyzer (MBSA) Windows Update Windows Update Catalog: For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.
Built at 2014-04-18T13:49:36Z-07:00 Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful?