CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0CVE-2005-1907
https://notcve.org/view.php?id=CVE-2005-1907
The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic. • http://securitytracker.com/id?1014113 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B894864 http://www.networksecurity.fi/advisories/windows-isa-firewall.html http://www.niscc.gov.uk/niscc/docs/br-20050602-00456.html?lang=en http://www.osvdb.org/17031 http://www.securityfocus.com/bid/13846 •
CVSS: 7.5EPSS: 56%CPEs: 7EXPL: 0CVE-2004-0892
https://notcve.org/view.php?id=CVE-2004-0892
Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. • http://www.securityfocus.com/bid/11605 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/17906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859 •
CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 1CVE-2003-0526 – Microsoft ISA Server 2000 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2003-0526
Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found." Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Microsoft Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos inyectar script web arbitrario en la porción del nombre de dominio, que no es limpiado adecuadamente en las páginas de error por defecto (1) 500.htm ("500 Internal Server Error") o (2) 404.htm ("404 No encontrado"). • https://www.exploit-db.com/exploits/22919 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0029.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0031.html http://marc.info/?l=bugtraq&m=105838519729525&w=2 http://marc.info/?l=bugtraq&m=105838862201266&w=2 http://marc.info/?l=ntbugtraq&m=105838590030409&w=2 http://pivx.com/larholm/adv/TL006 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-028 https://oval.cisecurity.org/ •
CVSS: 5.0EPSS: 2%CPEs: 5EXPL: 0CVE-2003-0110
https://notcve.org/view.php?id=CVE-2003-0110
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. El servicio Winsock Proxy en Microsoft Proxy Server 2.0 y el servicio Microsoft Firewall en Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegación de servicio (consumición de cpu o tormenta de paquetes) mediante paquetes malformados, al puerto UDP 1745. • http://marc.info/?l=bugtraq&m=104994487012027&w=2 http://www.idefense.com/advisory/04.09.03.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0011
https://notcve.org/view.php?id=CVE-2003-0011
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. Vulnerabilidad desconocida en el filtro de aplicación de detección de intrusos DNS de Microsoft Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegación de servicio (tráfico bloqueado a servidores DNS) mediante un cierto tipo de petición DNS que no es manejada adecuadamente. • http://www.securityfocus.com/bid/7145 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-009 •