HTTP.Multiple.Content-Length.Request.Smuggling

Description

This indicates an attempt to exploit a Cache Poisoning vulnerability in Microsoft ISA (Internet Security and Acceleration) Server.
The vulnerability is caused by the application's failure to properly sanitize user HTTP requests. An attacker can send a specially crafted request containing multiple "Content-Length" headers to poison the cache of the ISA server. As a result, the attacker can bypass content restrictions or cause user requests to be redirected.
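A minimal check for the condition described above, as an added example (not the IPS signature's own logic and not code from the original page): it flags request heads whose Content-Length values repeat or disagree. The sample requests and the names `content_length_values` and `classify` are constructed for illustration.

```python
import re

# Constructed sample requests (not captured traffic).
BENIGN = (b"POST /form HTTP/1.1\r\nHost: intranet.example\r\n"
          b"Content-Length: 5\r\n\r\nhello")
CONFLICTING = (b"POST /form HTTP/1.1\r\nHost: intranet.example\r\n"
               b"Content-Length: 0\r\nContent-Length: 44\r\n\r\n")
COMMA_LIST = (b"POST /form HTTP/1.1\r\nHost: intranet.example\r\n"
              b"Content-Length: 5, 7\r\n\r\nhello")


def content_length_values(raw: bytes) -> list[str]:
    """Return every Content-Length value in the request head, in order."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    values = []
    for line in re.split(rb"\r?\n", head)[1:]:        # skip the request line
        name, sep, value = line.partition(b":")
        # Tolerate whitespace around the name: lenient parsers accept it,
        # which is one way two devices end up disagreeing about framing.
        if sep and name.strip().lower() == b"content-length":
            # A comma-separated list counts as multiple values.
            values += [v.strip().decode("latin-1") for v in value.split(b",")]
    return values


def classify(raw: bytes) -> str:
    """Return 'ok', 'duplicate' (repeated but identical) or 'reject'."""
    values = content_length_values(raw)
    if any(not re.fullmatch(r"[0-9]+", v) for v in values):
        return "reject"        # empty, signed or non-numeric length
    if len({int(v) for v in values}) > 1:
        # Differing lengths make the message framing ambiguous; RFC 9112
        # section 6.3 treats this as an unrecoverable error.
        return "reject"
    return "duplicate" if len(values) > 1 else "ok"


if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("conflicting", CONFLICTING),
                       ("comma list", COMMA_LIST)):
        print(label, content_length_values(req), classify(req))
```

A proxy or cache that receives a `reject` result should refuse the request instead of choosing one of the lengths; `duplicate` is worth logging because well-behaved clients rarely send it.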

Affected Products

Microsoft ISA Server 2000 Enterprise Edition SP2
Microsoft ISA Server 2000 Enterprise Edition SP1
Microsoft ISA Server 2000 Enterprise Edition
Microsoft ISA Server 2000 SP2
Microsoft ISA Server 2000 SP1
Microsoft ISA Server 2000

Impact

System Compromise: Provides unauthorized access, bypassing security.

Recommended Actions

Apply the security patch to the system, as given in Microsoft bulletin MS05-034.

Telemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)