Vulnerability-Lookup

CVE-2009-0077 (GCVE-0-2009-0077)

Vulnerability from cvelistv5 – Published: 2009-04-15 03:49 – Updated: 2024-08-07 04:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	http://www.securitytracker.com/id?1022045	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://osvdb.org/53636	vdb-entryx_refsource_OSVDB
	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	third-party-advisoryx_refsource_CERT
	http://www.vupen.com/english/advisories/2009/1030	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/34687	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:16.985Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022045",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022045"
          },
          {
            "name": "MS09-016",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
          },
          {
            "name": "53636",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53636"
          },
          {
            "name": "TA09-104A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "ADV-2009-1030",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1030"
          },
          {
            "name": "34687",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34687"
          },
          {
            "name": "oval:org.mitre.oval:def:6068",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1022045",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022045"
        },
        {
          "name": "MS09-016",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
        },
        {
          "name": "53636",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53636"
        },
        {
          "name": "TA09-104A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
        },
        {
          "name": "ADV-2009-1030",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1030"
        },
        {
          "name": "34687",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34687"
        },
        {
          "name": "oval:org.mitre.oval:def:6068",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022045",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022045"
            },
            {
              "name": "MS09-016",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
            },
            {
              "name": "53636",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53636"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "ADV-2009-1030",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1030"
            },
            {
              "name": "34687",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34687"
            },
            {
              "name": "oval:org.mitre.oval:def:6068",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-0077",
    "datePublished": "2009-04-15T03:49:00",
    "dateReserved": "2009-01-08T00:00:00",
    "dateUpdated": "2024-08-07T04:24:16.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*\", \"matchCriteriaId\": \"034CCD4A-9B8D-466F-AEE7-82D25613BA67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"234D43DB-0FC3-4B94-8883-EEE99A427E69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*\", \"matchCriteriaId\": \"64ACA6AB-44C3-4B33-BEA1-04DFF004FA7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CDCE9A-440C-4268-9430-BCD5E79D6ABD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*\", \"matchCriteriaId\": \"9171409D-53E1-472B-A8E8-A3471C4F3BC5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \\\"Web Proxy TCP State Limited Denial of Service Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"El motor del cortafuegos en Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); e Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, y 2006 SP1; no gestiona adecuadamente el estado de sesi\\u00f3n de los oyentes web, lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (muchas sesiones caducadas)a trav\\u00e9s de paquetes manipulados, tambi\\u00e9n conocido como \\\"Vulnerabilidad de denegaci\\u00f3n de servicio de limitada por el estado TCP del Web Proxy\\\".\"}]",
      "id": "CVE-2009-0077",
      "lastModified": "2024-11-21T00:59:00.293",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-04-15T08:00:00.267",
      "references": "[{\"url\": \"http://osvdb.org/53636\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/34687\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securitytracker.com/id?1022045\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1030\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://osvdb.org/53636\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/34687\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1022045\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1030\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0077\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2009-04-15T08:00:00.267\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \\\"Web Proxy TCP State Limited Denial of Service Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"El motor del cortafuegos en Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); e Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, y 2006 SP1; no gestiona adecuadamente el estado de sesi\u00f3n de los oyentes web, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (muchas sesiones caducadas)a trav\u00e9s de paquetes manipulados, tambi\u00e9n conocido como \\\"Vulnerabilidad de denegaci\u00f3n de servicio de limitada por el estado TCP del Web Proxy\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*\",\"matchCriteriaId\":\"034CCD4A-9B8D-466F-AEE7-82D25613BA67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"234D43DB-0FC3-4B94-8883-EEE99A427E69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*\",\"matchCriteriaId\":\"64ACA6AB-44C3-4B33-BEA1-04DFF004FA7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CDCE9A-440C-4268-9430-BCD5E79D6ABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*\",\"matchCriteriaId\":\"9171409D-53E1-472B-A8E8-A3471C4F3BC5\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/53636\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/34687\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securitytracker.com/id?1022045\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1030\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://osvdb.org/53636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1022045\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2009-AVI-146

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités présentes dans Microsoft ISA Server et Microsoft Forefront Management Gateway permettent à un utilisateur distant de provoquer un déni de service ou de réaliser des attaques de type injection de code indirecte (Cross-site Scripting).

Description

Deux vulnérabilités sont présentes dans Microsoft ISA Server et Microsoft Forefront Management Gateway :

la première est relative à une erreur dans la gestion des états TCP par le pare-feu pour les services Web proxy et Web publishing. Elle permet à un utilisateur distant de provoquer un déni de service (CVE-2009-0077) ;
la seconde concerne une erreur dans les formulaires HTML d'authentification de ISA Server et Forefront TMG. Elle permet à un utilisateur distant de réaliser des attaques de type injection de code indirecte (Cross-site Scripting) (CVE-2009-0237).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 Support Update ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 Service Pack 1.
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3 ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 ;
Microsoft	N/A	Microsoft Forefront Management Gateway, Medium Business Edition ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-016 du 14 avril 2009	None	vendor-advisory
Bulletin de sécurité Microsoft M09-016 du 14 avril 2009 :	-	other
Bulletin de sécurité Microsoft M09-016 du 14 avril 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 Support Update ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 Service Pack 1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Forefront Management Gateway, Medium Business Edition ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Microsoft ISA Server et\nMicrosoft Forefront Management Gateway :\n\n-   la premi\u00e8re est relative \u00e0 une erreur dans la gestion des \u00e9tats TCP\n    par le pare-feu pour les services Web proxy et Web publishing. Elle\n    permet \u00e0 un utilisateur distant de provoquer un d\u00e9ni de service\n    (CVE-2009-0077) ;\n-   la seconde concerne une erreur dans les formulaires HTML\n    d\u0027authentification de ISA Server et Forefront TMG. Elle permet \u00e0 un\n    utilisateur distant de r\u00e9aliser des attaques de type injection de\n    code indirecte (Cross-site Scripting) (CVE-2009-0237).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0077"
    },
    {
      "name": "CVE-2009-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0237"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft M09-016 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/M09-016.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft M09-016 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/M09-016.mspx"
    }
  ],
  "reference": "CERTA-2009-AVI-146",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Microsoft ISA Server et\nMicrosoft Forefront Management Gateway permettent \u00e0 un utilisateur\ndistant de provoquer un d\u00e9ni de service ou de r\u00e9aliser des attaques de\ntype injection de code indirecte (\u003cspan class=\"textit\"\u003eCross-site\nScripting\u003c/span\u003e).\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft ISA Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-016 du 14 avril 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-146

Vulnerability from certfr_avis - Published: - Updated:

Description

Deux vulnérabilités sont présentes dans Microsoft ISA Server et Microsoft Forefront Management Gateway :

la première est relative à une erreur dans la gestion des états TCP par le pare-feu pour les services Web proxy et Web publishing. Elle permet à un utilisateur distant de provoquer un déni de service (CVE-2009-0077) ;
la seconde concerne une erreur dans les formulaires HTML d'authentification de ISA Server et Forefront TMG. Elle permet à un utilisateur distant de réaliser des attaques de type injection de code indirecte (Cross-site Scripting) (CVE-2009-0237).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 Support Update ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 Service Pack 1.
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3 ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2006 ;
Microsoft	N/A	Microsoft Forefront Management Gateway, Medium Business Edition ;
Microsoft	N/A	Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-016 du 14 avril 2009	None	vendor-advisory
Bulletin de sécurité Microsoft M09-016 du 14 avril 2009 :	-	other
Bulletin de sécurité Microsoft M09-016 du 14 avril 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 Support Update ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 Service Pack 1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2006 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Forefront Management Gateway, Medium Business Edition ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Microsoft ISA Server et\nMicrosoft Forefront Management Gateway :\n\n-   la premi\u00e8re est relative \u00e0 une erreur dans la gestion des \u00e9tats TCP\n    par le pare-feu pour les services Web proxy et Web publishing. Elle\n    permet \u00e0 un utilisateur distant de provoquer un d\u00e9ni de service\n    (CVE-2009-0077) ;\n-   la seconde concerne une erreur dans les formulaires HTML\n    d\u0027authentification de ISA Server et Forefront TMG. Elle permet \u00e0 un\n    utilisateur distant de r\u00e9aliser des attaques de type injection de\n    code indirecte (Cross-site Scripting) (CVE-2009-0237).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0077"
    },
    {
      "name": "CVE-2009-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0237"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft M09-016 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/M09-016.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft M09-016 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/M09-016.mspx"
    }
  ],
  "reference": "CERTA-2009-AVI-146",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Microsoft ISA Server et\nMicrosoft Forefront Management Gateway permettent \u00e0 un utilisateur\ndistant de provoquer un d\u00e9ni de service ou de r\u00e9aliser des attaques de\ntype injection de code indirecte (\u003cspan class=\"textit\"\u003eCross-site\nScripting\u003c/span\u003e).\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft ISA Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-016 du 14 avril 2009",
      "url": null
    }
  ]
}

VAR-200904-0209

Vulnerability from variot - Updated: 2023-12-18 11:35

The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability.". Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability. A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA09-104A

Microsoft Updates for Multiple Vulnerabilities

Original release date: April 14, 2009 Last revised: -- Source: US-CERT

Systems Affected

 * Microsoft Windows
 * Microsoft Office
 * Microsoft Windows Server
 * Microsoft ISA Server

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Windows Server, and ISA Server.

I. Description

As part of the Microsoft Security Bulletin Summary for April 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Office, Windows Server, and ISA Server.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.

III. Solution

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

Microsoft Security Bulletin Summary for April 2009 - http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx
Microsoft Windows Server Update Services - http://technet.microsoft.com/en-us/wsus/default.aspx

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-104A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA09-104A Feedback VU#999892" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2009 by US-CERT, a government organization.

 <http://www.us-cert.gov/legal.html>

Revision History

April 14, 2009: Initial release

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2 rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3 T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT 1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ== =q59/ -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia report for 2008.

2) Input passed to the HTML forms authentication component (cookieauth.dll) is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation of this vulnerability requires that Web publishing is enabled and HTML forms authentication is enabled on the default Web listener.

SOLUTION: Apply patches. 2) The vendor credits New York State Chief Information Officer / Office for Technology.

ORIGINAL ADVISORY: MS09-016 (KB961759, KB968075, KB960995, KB968078): http://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200904-0209",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "forefront threat management gateway",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "internet security and acceleration server",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "microsoft",
        "version": "2004"
      },
      {
        "model": "internet security and acceleration server",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "microsoft",
        "version": "2006"
      },
      {
        "model": "forefront threat management gateway",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "medium business edition"
      },
      {
        "model": "internet security and acceleration server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "2006 supportability update"
      },
      {
        "model": "isa server supportability update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20060"
      },
      {
        "model": "isa server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2006"
      },
      {
        "model": "isa server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20060"
      },
      {
        "model": "isa server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2004"
      },
      {
        "model": "forefront threat management gateway medium business edit",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-0077",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2009-0077",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-37523",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-0077",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200904-273",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-37523",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\". Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability. \nA remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                    National Cyber Alert System\n\n              Technical Cyber Security Alert TA09-104A\n\n\nMicrosoft Updates for Multiple Vulnerabilities\n\n   Original release date: April 14, 2009\n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     * Microsoft Windows\n     * Microsoft Office\n     * Microsoft Windows Server\n     * Microsoft ISA Server\n\n\nOverview\n\n   Microsoft has released updates that address vulnerabilities in\n   Microsoft Windows, Office, Windows Server, and ISA Server. \n\n\nI. Description\n\n   As part of the Microsoft Security Bulletin Summary for April 2009,\n   Microsoft released updates to address vulnerabilities that affect\n   Microsoft Windows, Office, Windows Server, and ISA Server. \n\n\nII. Impact\n\n   A remote, unauthenticated attacker could execute arbitrary code,\n   gain elevated privileges,  or cause a vulnerable application to\n   crash. \n\n\nIII. Solution\n\n   Microsoft has provided updates for these vulnerabilities in the\n   Microsoft Security Bulletin Summary for April 2009. The security\n   bulletin describes any known issues related to the updates. \n   Administrators are encouraged to note these issues and test for any\n   potentially adverse effects. Administrators should consider using\n   an automated update distribution system such as Windows Server\n   Update Services (WSUS). \n\n\nIV. References\n\n * Microsoft Security Bulletin Summary for April 2009 -\n   \u003chttp://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx\u003e\n\n * Microsoft Windows Server Update Services -\n   \u003chttp://technet.microsoft.com/en-us/wsus/default.aspx\u003e\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA09-104A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA09-104A Feedback VU#999892\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2009 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n  \n  April 14, 2009: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2\nrM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3\nT98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu\nH+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT\n1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK\nVaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==\n=q59/\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nSecunia is pleased to announce the release of the annual Secunia\nreport for 2008. \n\n2) Input passed to the HTML forms authentication component\n(cookieauth.dll) is not properly sanitised before being returned to\nusers. This can be exploited to execute arbitrary HTML and script\ncode in a user\u0027s browser session in context of an affected site. \n\nSuccessful exploitation of this vulnerability requires that Web\npublishing is enabled and HTML forms authentication is enabled on the\ndefault Web listener. \n\nSOLUTION:\nApply patches. \n2) The vendor credits New York State Chief Information Officer /\nOffice for Technology. \n\nORIGINAL ADVISORY:\nMS09-016 (KB961759, KB968075, KB960995, KB968078):\nhttp://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "BID",
        "id": "34414"
      },
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "db": "PACKETSTORM",
        "id": "76655"
      },
      {
        "db": "PACKETSTORM",
        "id": "76632"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-0077",
        "trust": 2.8
      },
      {
        "db": "USCERT",
        "id": "TA09-104A",
        "trust": 2.6
      },
      {
        "db": "SECUNIA",
        "id": "34687",
        "trust": 2.6
      },
      {
        "db": "OSVDB",
        "id": "53636",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-1030",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1022045",
        "trust": 2.5
      },
      {
        "db": "USCERT",
        "id": "SA09-104A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "TA09-104A",
        "trust": 0.6
      },
      {
        "db": "MS",
        "id": "MS09-016",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "34414",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-37523",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "76655",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "76632",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "db": "BID",
        "id": "34414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "PACKETSTORM",
        "id": "76655"
      },
      {
        "db": "PACKETSTORM",
        "id": "76632"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "id": "VAR-200904-0209",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:35:13.974000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "MS09-016",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx"
      },
      {
        "title": "MS09-016",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms09-016.mspx"
      },
      {
        "title": "MS09-016e",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/security/bulletins/ms09-016e.mspx"
      },
      {
        "title": "TA09-104A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta09-104a.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-104a.html"
      },
      {
        "trust": 2.5,
        "url": "http://osvdb.org/53636"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1022045"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/34687"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2009/1030"
      },
      {
        "trust": 1.1,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6068"
      },
      {
        "trust": 1.0,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0077"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2009/at090007.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta09-104a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/jvntr-2009-10/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0077"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa09-104a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/#topics"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-104a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://technet.microsoft.com/en-us/wsus/default.aspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?familyid=6abf9fb4-42d0-4c67-935f-8dc67850148b"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?familyid=adf623fa-2d74-4f2a-9835-4b8debdb0e1b"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34687/"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?familyid=eda30bcc-0582-4f60-a4c5-ea5000b7c770"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?familyid=d1d55ab6-3de5-4811-9693-8d43f49f5fe8"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/try_vi/request_2008_report/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "db": "BID",
        "id": "34414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "PACKETSTORM",
        "id": "76655"
      },
      {
        "db": "PACKETSTORM",
        "id": "76632"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "db": "BID",
        "id": "34414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "db": "PACKETSTORM",
        "id": "76655"
      },
      {
        "db": "PACKETSTORM",
        "id": "76632"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-04-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "date": "2009-04-14T00:00:00",
        "db": "BID",
        "id": "34414"
      },
      {
        "date": "2009-05-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "date": "2009-04-15T00:10:24",
        "db": "PACKETSTORM",
        "id": "76655"
      },
      {
        "date": "2009-04-14T15:11:48",
        "db": "PACKETSTORM",
        "id": "76632"
      },
      {
        "date": "2009-04-15T08:00:00.267000",
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "date": "2009-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37523"
      },
      {
        "date": "2009-04-14T23:06:00",
        "db": "BID",
        "id": "34414"
      },
      {
        "date": "2009-05-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      },
      {
        "date": "2018-10-12T21:49:23.657000",
        "db": "NVD",
        "id": "CVE-2009-0077"
      },
      {
        "date": "2021-07-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Forefront TMG MBE and  ISA Server Service disruption in firewall engines  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001217"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-273"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2009-0077

Vulnerability from fkie_nvd - Published: 2009-04-15 08:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://osvdb.org/53636
secure@microsoft.com	http://secunia.com/advisories/34687
secure@microsoft.com	http://www.securitytracker.com/id?1022045
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1030
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53636
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34687
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022045
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1030
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068

Impacted products

Vendor	Product	Version
microsoft	forefront_threat_management_gateway	-
microsoft	internet_security_and_acceleration_server	2004
microsoft	internet_security_and_acceleration_server	2004
microsoft	internet_security_and_acceleration_server	2006
microsoft	internet_security_and_acceleration_server	2006

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*",
              "matchCriteriaId": "034CCD4A-9B8D-466F-AEE7-82D25613BA67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*",
              "matchCriteriaId": "234D43DB-0FC3-4B94-8883-EEE99A427E69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*",
              "matchCriteriaId": "64ACA6AB-44C3-4B33-BEA1-04DFF004FA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "62CDCE9A-440C-4268-9430-BCD5E79D6ABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*",
              "matchCriteriaId": "9171409D-53E1-472B-A8E8-A3471C4F3BC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "El motor del cortafuegos en Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); e Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, y 2006 SP1; no gestiona adecuadamente el estado de sesi\u00f3n de los oyentes web, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (muchas sesiones caducadas)a trav\u00e9s de paquetes manipulados, tambi\u00e9n conocido como \"Vulnerabilidad de denegaci\u00f3n de servicio de limitada por el estado TCP del Web Proxy\"."
    }
  ],
  "id": "CVE-2009-0077",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-15T08:00:00.267",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://osvdb.org/53636"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/34687"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1022045"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2009/1030"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-9RC2-2223-5QCP

Vulnerability from github – Published: 2022-05-02 03:12 – Updated: 2022-05-02 03:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0077"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-04-15T08:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\"",
  "id": "GHSA-9rc2-2223-5qcp",
  "modified": "2022-05-02T03:12:41Z",
  "published": "2022-05-02T03:12:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0077"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/53636"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34687"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022045"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1030"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2009-0077

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0077

Aliases

CVE-2009-0077

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0077",
    "description": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\"",
    "id": "GSD-2009-0077"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0077"
      ],
      "details": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\"",
      "id": "GSD-2009-0077",
      "modified": "2023-12-13T01:19:44.430365Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2009-0077",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1022045",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022045"
          },
          {
            "name": "MS09-016",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
          },
          {
            "name": "53636",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/53636"
          },
          {
            "name": "TA09-104A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "ADV-2009-1030",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1030"
          },
          {
            "name": "34687",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34687"
          },
          {
            "name": "oval:org.mitre.oval:def:6068",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0077"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka \"Web Proxy TCP State Limited Denial of Service Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-1030",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1030"
            },
            {
              "name": "53636",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/53636"
            },
            {
              "name": "34687",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/34687"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "1022045",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022045"
            },
            {
              "name": "oval:org.mitre.oval:def:6068",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6068"
            },
            {
              "name": "MS09-016",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-016"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-12T21:49Z",
      "publishedDate": "2009-04-15T08:00Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0077 (GCVE-0-2009-0077)

CERTA-2009-AVI-146

Description

Solution

CERTA-2009-AVI-146

Description

Solution

VAR-200904-0209

FKIE_CVE-2009-0077

GHSA-9RC2-2223-5QCP

GSD-2009-0077

Tags

Sightings

Nomenclature