Microsoft ISA SOCKSv4 information leak
Published:		22.09.2007
Source:		BUGTRAQ
SecurityVulns ID:		8177
Type:		remote
Level:		5/10
Description:		Server replies with last IP address it proxied to on empty packet.

Affected:		MICROSOFT : ISA Server 2004
CVE:		CVE-2007-4991 (The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet.)

Original document

ZDI, ZDI-07-053: Microsoft ISA Server SOCKS4 Proxy Connection Leakage (22.09.2007)

Discuss:

Read or add your comments to this news (0 comments)