[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege Escalation Vulnerability in Microsoft ISA Server 2006 - MS09-031

ID: oval:org.secpod.oval:def:2998Date: (C)2011-11-15   (M)2022-10-10
Class: PATCHFamily: windows




The host is missing an important security update according to Microsoft security bulletin, MS09-031. The update is required to fix privilege escalation vulnerability. A flaw is present in the Microsoft ISA Server 2006, which fails to handle an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. Successful exploitation allows an attacker take complete control of systems.

Platform:
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product:
Microsoft Internet Security and Acceleration Server 2006
Reference:
MS09-031
CVE-2009-1135
CVE    1
CVE-2009-1135
CPE    1
cpe:/a:microsoft:isa_server:2006
XCCDF    6
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-vista
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-xp
...

© SecPod Technologies