Intrusion Prevention

MS.ISA.Server.Socks4.Proxy.Connection.Information.Disclosure

Description

Microsoft ISA Server has an information disclosure vulnerability that occurs when SOCKS4 handles empty packets.
An attacker could exploit this issue to obtain sensitive information that may aid in further attacks.

Affected Products

Microsoft ISA Server 2004 SP2
Microsoft ISA Server 2004 SP1

Impact

Information disclosure.

Recommended Actions

The vendor released an update to address this issue.
Microsoft ISA Server 2004 SP2:
Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition SP3
http://www.microsoft.com/downloads/details.aspx?FamilyID=A05A074A-5033-4792-AF8B-58B90D841436&displaylang=en
Microsoft ISA Server 2004 SP1:
Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition SP3
http://www.microsoft.com/downloads/details.aspx?FamilyID=A05A074A-5033-4792-AF8B-58B90D841436&displaylang=en

CVE References

CVE-2007-4991

Other References

ZDI-07-053