[windows2000] ALERT: ISA Server Vulnerability

  • From: "Jim Kenzig http://thethin.net" <jimkenz@xxxxxxxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx, windows2000@xxxxxxxxxxxxx
  • Date: Fri, 16 Jan 2004 11:00:02 -0500

Trend has given this a HIGH risk rating!

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=ISA_SERVER_H
.323_VULNERABILITY

Microsoft ISA Server 2000 has a special service, the Microsoft Firewall
Service, which it uses to allow Internet applications to perform as if they
are connected to the Internet. The Firewall Service eliminates the need for
a specific gateway for different protocol, including SMTP, Telnet, FTP, and
H.323.
The Firewall Service uses the H.323 filter for Microsoft ISA Server 2000 to
manage traffic using H.323 and T.120 protocols. These protocols are used in
IP telephony applications for audio, video, file, or remote data transfers.
The Firewall Service contains this buffer overflow vulnerability, which is
due to the fact that it does not perform bounds checking on H.323 packets.
An attacker can exploit this vulnerability to run malicious codes and gain
complete control over affected systems.
The following software are affected by this vulnerability:
*       Microsoft ISA Server 2000
*       Microsoft Business Server 2000 (includes ISA server 2000)
*       Microsoft Business Server 2003 (includes ISA server 2000)
Microsoft has more information on this vulnerability in Security Bulletin
MS04-001 entitled Vulnerability in Microsoft Internet Security and
Acceleration Server 2000 H.323 Filter Could Allow Remote Code Execution
<http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/bulletin/MS04-001.asp>.


Regards,
Jim Kenzig

********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

  • » [windows2000] ALERT: ISA Server Vulnerability
  1. Home
  2. windows2000
  3. Archive
  4. 01-2004