[Forgot Password]
Login  Register Subscribe

23631

 
 

119105

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege Escalation Vulnerability in Microsoft ISA Server 2006 - MS09-031

ID: oval:org.secpod.oval:def:2998Date: (C)2011-11-15   (M)2017-10-04
Class: PATCHFamily: windows




The host is missing an important security update according to Microsoft security bulletin, MS09-031. The update is required to fix privilege escalation vulnerability. A flaw is present in the Microsoft ISA Server 2006, which fails to handle an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. Successful exploitation allows an attacker take complete control of systems.

Platform:
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product:
Microsoft Internet Security and Acceleration Server 2006
Reference:
MS09-031
CVE-2009-1135
CVE    1
CVE-2009-1135
CPE    1
cpe:/a:microsoft:isa_server:2006
XCCDF    6
xccdf_com.secpod_benchmark_microsoft-windows-vista
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© 2013 SecPod Technologies