Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft ISA Server SOCKS4代理连接远程信息泄露漏洞
Vulnerability Description
ISA Server是微软产品家族之一,可以提供企业防火墙和高性能的Web缓存。 ISA Server处理用户请求时存在漏洞,远程攻击者可能利用此漏洞获取某些敏感信息。 如果向SOCKS4发送了空报文的话,ISA服务器就会返回所代理的最后一个IP地址,这样远程攻击者便可以无须认证便获得所代理过的IP地址信息。
CVSS Information
N/A
Vulnerability Type
N/A