Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4991

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4991
Last Modified 15 Nov 2008 01:59:17
Published 21 Sep 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4991

Summary

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet.

Vulnerable Systems

Application

  • Microsoft Isa Server 2004


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-07-053.html

BID - 25753

OSVDB - 45906

XF - isa-socks-information-disclosure(36715)

SECTRACK - 1018727


Last Updated: 27 May 2016 10:46:02