Remote file bypass vulnerability in Microsoft Internet Security and Acceleration Server 2004
CVE-2006-3652

Currently unrated

Key Information:

Vendor

Microsoft
Status
Isa Server
Vendor
CVE Published:
18 July 2006

What is CVE-2006-3652?

The Microsoft Internet Security and Acceleration (ISA) Server 2004 contains a vulnerability that enables remote attackers to bypass file extension filters. This occurs when an attacker sends a specially crafted request that includes a trailing '#' character, allowing them to potentially access files that should be restricted by these filters. Despite attempts to reproduce the issue, confirmation and test cases from third parties have not been consistent, raising concerns about the effectiveness of the filter implementation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/440446/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/440558/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/18994
vdb-entryx_refsource_BID

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.