Privilege Escalation Vulnerability in Microsoft ISA Server 2006 - MS09-031ID: oval:org.secpod.oval:def:2998 | Date: (C)2011-11-15 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS09-031. The update is required to fix privilege escalation vulnerability. A flaw is present in the Microsoft ISA Server 2006, which fails to handle an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation. Successful exploitation allows an attacker take complete control of systems.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Internet Security and Acceleration Server 2006 |