CVE-2007-4991

Name of the Vulnerable Software and Affected Versions Microsoft Internet Security and Acceleration (ISA) Server 2004 versions SP1 through SP2

Description The issue allows remote attackers to obtain potentially sensitive information, specifically the destination IP address of another user's session, by sending an empty packet to the SOCKS4 Proxy.

Recommendations For Microsoft Internet Security and Acceleration (ISA) Server 2004 versions SP1 and SP2, consider restricting access to the SOCKS4 Proxy until a fix is available. As a temporary workaround, limiting the information exposed by the proxy or implementing additional logging and monitoring may help minimize the risk of exploitation.