PT-2005-2864 · Microsoft · Internet Security/Acceleration (Isa) Server 2000

Published

2005-05-31

Updated

2018-08-13

CVE-2005-1907

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Internet Security and Acceleration (ISA) Server 2000

Description The issue concerns the ISA Firewall service, which can be exploited by remote attackers to cause a denial of service. This is achieved by sending a large amount of SecureNAT network traffic, resulting in a crash of the Wspsrv.exe process.

Recommendations For Microsoft Internet Security and Acceleration (ISA) Server 2000, consider restricting the amount of SecureNAT network traffic to prevent the denial of service. As a temporary workaround, limiting the incoming traffic may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1907

Affected Products

Internet Security/Acceleration (Isa) Server 2000

PT-2005-2864 · Microsoft · Internet Security/Acceleration (Isa) Server 2000

CVE-2005-1907

Related Identifiers

Affected Products

References · 7