Intrusion Prevention

MS.ISA.Server.Socks4.Proxy.Connection.Information.Disclosure

Description

Microsoft ISA Server has an information disclosure vulnerability that occurs when SOCKS4 handles empty packets.
An attacker could exploit this issue to obtain sensitive information that may aid in further attacks.

Affected Products

Microsoft ISA Server 2004 SP2
Microsoft ISA Server 2004 SP1

Impact

Information disclosure.

Recommended Actions

The vendor released an update to address this issue.
Microsoft ISA Server 2004 SP2:
Microsoft Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition SP3
http://www.microsoft.com/downloads/details.aspx?FamilyID=A05A074A-5033 -4792-AF8B-58B90D841436&displaylang=en
Microsoft ISA Server 2004 SP1:
Microsoft Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition SP3
http://www.microsoft.com/downloads/details.aspx?FamilyID=A05A074A-5033 -4792-AF8B-58B90D841436&displaylang=en

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ZDI-07-053

ID	14998
Created	Sep 24, 2007
Updated	Aug 29, 2022
Risk
CVE ID	CVE-2007-4991
Exploit Prediction Score	96.49%
Default Action	pass
Active
Affected OS	Windows
Affected App	Other

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

MS.ISA.Server.Socks4.Proxy.Connection.Information.Disclosure

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

MS.ISA.Server.Socks4.Proxy.Connection.Information.Disclosure

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

Threat Intelligence
Center