CVE-2006-7027

Currently unrated

Key Information:

Vendor: Microsoft
Status: Isa Server
Vendor: CVE Published:; 23 February 2007

Summary

Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which allows remote attackers to manipulate portions of the log file and possibly leverage this for other attacks.

References

http://www.securityfocus.com/archive/1/433074/30/5190/thr...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/432947/30/5190/thr...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/433350/30/5100/thr...

mailing-listx_refsource_BUGTRAQ

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 23, 2007
Vulnerability Reserved
Feb 22, 2007

Collectors

NVD DatabaseMitre Database