Vulnerabilities > CVE-2005-1216 - Unspecified vulnerability in Microsoft ISA Server 2000

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
nessus
NVD
Published: 2005-06-14
Updated: 2018-10-12

Summary

Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter.

Vulnerable Configurations

Part Description Count
Application
Microsoft
1

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS05-034.NASL
descriptionThe remote host is missing a cumulative update for ISA Server 2000 that fixes several security flaws that could allow an attacker to elevate his privileges.
last seen2020-06-01
modified2020-06-02
plugin id18487
published2005-06-14
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18487
titleMS05-034: Cumulative Update for ISA Server 2000 (899753)

Oval

accepted2011-04-25T04:00:20.293-04:00
classvulnerability
contributors
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameJonathan Baker
    organizationThe MITRE Corporation
  • nameAkihito Nakamura
    organizationAIST
descriptionMicrosoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter.
familywindows
idoval:org.mitre.oval:def:468
statusaccepted
submitted2005-06-23T04:00:00.000-04:00
titleISA Server NetBIOS Packet Filter Bypass Vulnerability
version5

References