MS04-039: ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

It is possible to spoof the content of the remote proxy server.

Description :

The remote host is running ISA Server 2000, an HTTP proxy. The remote
version of this software is vulnerable to content spoofing attacks.

An attacker could lure a victim to visit a malicious website and the
user could believe is visiting a trusted web site.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms04-039

Solution :

Microsoft has released a set of patches for ISA Server 2000.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 15714 ()

Bugtraq ID:

CVE ID: CVE-2004-0892