Microsoft Forefront Unified Access Gateway Input Validation Flaw Lets Remote Users Cause the Target System to Initiate DNS Queries for Multiple Hosts
SecurityTracker Alert ID: 1041212|
SecurityTracker URL: http://securitytracker.com/id/1041212
(Links to External Site)
Date: Jul 3 2018
Modification of system information|
Vendor Confirmed: Yes Exploit Included: Yes |
A vulnerability was reported in Microsoft Forefront Unified Access Gateway. A remote user can cause the target system to initiate DNS requests for multiple, arbitrary hosts.|
A remote user can submit a specially crafted 'orig_url' parameter value that includes a comma-separated list of URLs to cause the target server to initiate DNS queries for the hosts specified in the URLs.
Okan Coskun reported this vulnerability.
A remote user can cause the target system to initiate DNS requests for multiple, arbitrary hosts.|
No solution was available at the time of this entry.|
[Editor's note: The report indicates that the vendor does not plan to issue a fix as part of a security update.]
Vendor URL: www.microsoft.com/ (Links to External Site)
Input validation error|
|Underlying OS: Windows (2008)|
Source Message Contents
Subject: Re: [FD] Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction|
# Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External
# Vendor Homepage: https://www.microsoft.com/
# Version: 2010
# CVE : CVE-2018-12571
# MSRC: Case 39000
# Proof of Concept #1
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to
trigger outbound DNS queries for arbitrary hosts via a comma-separated list
of URLs in the orig_url parameter, possibly causing a traffic amplification
and/or SSRF outcome.
It will not be patched by Microsoft.
We have completed our investigation and determined that the case doesn't
meet the bar for servicing in a security update
Sent through the Full Disclosure mailing list
Web Archives & RSS: http://seclists.org/fulldisclosure/