Microsoft warns of three flaws in ISA Server
Microsoft Corp. said that its ISA (Internet Security and Acceleration) Server 2000 has three different security holes that could lead to denial of service attacks and has issued a patch to fix all three vulnerabilities.
The flaws are unrelated and affect ISA Server's Voice over IP (Internet Protocol) capabilities, its Proxy service and ISA's error page generation. The first vulnerability concerns a memory leak in the H.323 Gatekeeper service, which allows VoIP traffic through a firewall. Each time malformed data is sent to this service, a small amount of the server's memory is depleted, Microsoft said. If such requests are sent frequently enough, the server would be slowed down to the point of disrupting normal use.
This problem is mitigated, however, in that the server can only be attacked if the H.323 Gatekeeper component is installed, something that only happens when a user chooses a "full installation," or to install everything on the software CD related to the application.
The second problem ISA Server faces is a denial of service problem in the software's Proxy service. This flaw, like the first, is also a memory leak that can cause a slowing of the server and lead to denial of service to legitimate users. This hole is made less serious because it can only be exploited by an internal user, Microsoft said.
Lastly, a complicated vulnerability in the way ISA Server handles error messages about irretrievable Web pages can allow an attacker to execute code and gain access to cookies on both the server and user machines. The flaw could be exploited if an attacker were able to trick a user into requesting a Web page that did not reside on a server. The false URL (Uniform Resource Locator) would also have to contain code. When ISA Server generates an error page stating that the requested page is not available, the code contained in the URL would run in the server's security domain and any cookies that server had set on the user's system would be available to the attacker. This vulnerability is limited in that the attacker would have to know which sites a user trusted, which sites had placed cookies on the user's computer and that the user had specific security settings that would allow the attack.
The H.323 Gatekeeper and Proxy Service flaws were discovered by Peter Grundl. The scripting hole was found by Hiromitsu Takagi.
More information about the vulnerabilities, as well as the patch to fix them, is located at http://www.microsoft.com/technet/security/bulletin/ms01-045.asp.
Microsoft, in Redmond, Washington, can be reached at +1-425-882-8080 or via the Internet at http://www.microsoft.com.
ITworld.com
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Enterprise 2.0 Implementation
By Aaron C. Newman, Jeremy Thomas
Published by McGraw-Hill
Learn more!
Deploying Cisco Wide Area Application Services
By Zach Seils, Joel Christner
Published by Cisco Press
Learn more!
