MS03-009: Microsoft ISA Server DNS - Denial Of Service (331065)
Low Nessus Plugin ID 11433
SynopsisIt is possible to launch a denial of service attack against the remote DNS application filter.
DescriptionA vulnerability in Microsoft ISA Server 2000 allows an attacker to cause a denial of service in DNS services by sending a specially crafted DNS request packet.
Note that, to be vulnerable, the ISA Server must be manually configured to publish an internal DNS server, which it does not do by default.
SolutionMicrosoft has released a set of patches for ISA Server 2000.