CVE-2002-0371 – Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0371
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usuario a un servidor gopher real o simulado que envía una respuesta larga. • https://www.exploit-db.com/exploits/21510 http://marc.info/?l=bugtraq&m=102320516707940&w=2 http://marc.info/?l=bugtraq&m=102397955217618&w=2 http://online.securityfocus.com/archive/1/276848 http://www.iss.net/security_center/static/9247.php http://www.kb.cert.org/vuls/id/440275 http://www.pivx.com/workaround_fail.html http://www.securityfocus.com/bid/4930 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027 https://oval.cisecurity •
CVE-2001-1533
https://notcve.org/view.php?id=CVE-2001-1533
Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability. Therefore this "laws of physics" issue might not be included in CVE • http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00018.html http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00031.html http://www.iss.net/security_center/static/7446.php http://www.securityfocus.com/bid/3501 •
CVE-2001-0546
https://notcve.org/view.php?id=CVE-2001-0546
Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (resource exhaustion) via a large amount of malformed H.323 data. • http://www.securityfocus.com/bid/3196 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/6989 •
CVE-2001-0658
https://notcve.org/view.php?id=CVE-2001-0658
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message. • http://www.securityfocus.com/bid/3198 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/6991 •
CVE-2001-0547
https://notcve.org/view.php?id=CVE-2001-0547
Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion). • http://www.securityfocus.com/bid/3197 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/6990 •