• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Nessus warns for Vulnerability in ISA2004.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> Nessus warns for Vulnerability in ISA2004. Page: [1]
Login
Message << Older Topic   Newer Topic >>
Nessus warns for Vulnerability in ISA2004. - 30.Mar.2005 2:53:00 PM   
PatrickM

 

Posts: 112
Joined: 23.May2001
From: Skutskär, Sweden
Status: offline
How seriuos is this, for real?
SP1 on ISA2004 is installed & W2003 with latest patches.

****
Sessus Scan Report (Generated by http://www.Secunia.com)
Nessus ID: 11715
Vulnerability http (80/TCP)
It was possible to kill the HTTP proxy by sending a invalid request with a too long header.

A cracker may exploit this Vulnerability to make your proxy server crash continually or even execute arbitrary code on your system.

Solution: Upgrade your system.
Risk Factor: High
CVE: CAN-2002-0133
BID: 3904, 3905
Nessus ID: 11715
****
"[Confused]"

[ March 30, 2005, 02:58 PM: Message edited by: Patrick.M ]
Post #: 1
RE: Nessus warns for Vulnerability in ISA2004. - 8.Apr.2005 9:13:00 PM   
telech

 

Posts: 36
Joined: 14.May2004
From: Pittsburgh
Status: offline
Was this taken care of in the service pack for ISA 2K4? It's kind of funny that the vulnerability was there in the first place.

(in reply to PatrickM)
Post #: 2
RE: Nessus warns for Vulnerability in ISA2004. - 18.Apr.2005 8:35:00 AM   
PatrickM

 

Posts: 112
Joined: 23.May2001
From: Skutskär, Sweden
Status: offline
Thanx for Posting!

Yea, and strange that it warns when I have SP1 for ISA2004 installed [Wink]

(in reply to PatrickM)
Post #: 3
RE: Nessus warns for Vulnerability in ISA2004. - 18.Apr.2005 1:33:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

More importantly, is it a real problem, or a bogus report from the scanner?

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0133

Thanks!
Tom

[ April 18, 2005, 01:34 PM: Message edited by: tshinder ]

(in reply to PatrickM)
Post #: 4
RE: Nessus warns for Vulnerability in ISA2004. - 18.Apr.2005 3:43:00 PM   
Jim Harrison

 

Posts: 271
Joined: 5.May2001
From: Redmond, WA
Status: offline
Has anyone noticed the date of this "alert"?
CAN articles always start with the year an issue was reported.
Thus CAN-2002-### is an issue found in 2002.
ISA 2004 didn't hit the streets until <gasp> 2004.
I'm assuming you used the nessus test and it reported this issue?
..did the test actually <poof> yur ISA or did they assume that a failure to send a actual "go away" response creates a vulnerability?

FACT: if your ISA wasn't rendered "theirs" by virtue of this "test", it's just as likely to be FUD.

(in reply to PatrickM)
Post #: 5
RE: Nessus warns for Vulnerability in ISA2004. - 18.Apr.2005 3:45:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Jim,

thanks!
Tom

(in reply to PatrickM)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> Nessus warns for Vulnerability in ISA2004. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts