Page 2 of 15 results (0.006 seconds)

CVSS: 7.5EPSS: 56%CPEs: 7EXPL: 0

Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. • http://www.securityfocus.com/bid/11605 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/17906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859 •

CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 1

Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found." Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Microsoft Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos inyectar script web arbitrario en la porción del nombre de dominio, que no es limpiado adecuadamente en las páginas de error por defecto (1) 500.htm ("500 Internal Server Error") o (2) 404.htm ("404 No encontrado"). • https://www.exploit-db.com/exploits/22919 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0029.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0031.html http://marc.info/?l=bugtraq&m=105838519729525&w=2 http://marc.info/?l=bugtraq&m=105838862201266&w=2 http://marc.info/?l=ntbugtraq&m=105838590030409&w=2 http://pivx.com/larholm/adv/TL006 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-028 https://oval.cisecurity.org/ •

CVSS: 5.0EPSS: 2%CPEs: 5EXPL: 0

The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. El servicio Winsock Proxy en Microsoft Proxy Server 2.0 y el servicio Microsoft Firewall en Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegación de servicio (consumición de cpu o tormenta de paquetes) mediante paquetes malformados, al puerto UDP 1745. • http://marc.info/?l=bugtraq&m=104994487012027&w=2 http://www.idefense.com/advisory/04.09.03.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. Vulnerabilidad desconocida en el filtro de aplicación de detección de intrusos DNS de Microsoft Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegación de servicio (tráfico bloqueado a servidores DNS) mediante un cierto tipo de petición DNS que no es manejada adecuadamente. • http://www.securityfocus.com/bid/7145 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-009 •

CVSS: 7.5EPSS: 58%CPEs: 12EXPL: 1

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usuario a un servidor gopher real o simulado que envía una respuesta larga. • https://www.exploit-db.com/exploits/21510 http://marc.info/?l=bugtraq&m=102320516707940&w=2 http://marc.info/?l=bugtraq&m=102397955217618&w=2 http://online.securityfocus.com/archive/1/276848 http://www.iss.net/security_center/static/9247.php http://www.kb.cert.org/vuls/id/440275 http://www.pivx.com/workaround_fail.html http://www.securityfocus.com/bid/4930 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027 https://oval.cisecurity •