Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 61)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 61

ISAServerVuln erabilities

AccordingtoSamCostelloofIDGNewsService,

“MicrosoftFriday(08/17/01) saidthatoneofitssecurityproducts,InternetSecurity

andAccelerationServer2000,hasthreedifferentsecurityholesthatcouldleadto

denialofserviceattacks.Microsofthasissuedapatchtofixallthree vulnerabilities.

TheflawsareunrelatedandaffectISAServer'sVoiceoverIPcapabilities,itsProxy

serviceandISA'serrorpagegeneration.Thefirstvulnerabilityconcernsamemory

leakintheH.323Gatekeeperservice,whichallowsvoiceoverIPtrafficthrougha

firewall.Eachtimemalformeddataissenttothisservice,asmallamountofthe

server'smemoryisdepleted,Microsoftsaid.Ifsuchrequestsaresentfrequently

enough,theserverwouldbesloweddowntothepointofdisruptingnormaluse.

Thisproblemismitigated,however,inthattheservercanonlybeattackedifthe

H.323Gatekeepercomponentisinstalled,somethingthatonlyhappenswhenauser

choosesa "fullinstallation,"ortoinstalleverythingonthesoftwareCDrelatedtothe

application.

ThesecondproblemISAServerfacesisadenialofserviceprobleminthesoftware's

Proxyservice.Thisflaw, likethefirst,isalsoamemoryleakthatcancauseaslowing

oftheserverandleadto denialofservicetolegitimateusers.Thisholeismadeless

seriousbecauseitcanonlybeexploitedbyaninternaluser,Microsoftsaid.

Lastly, acomplicatedvulnerabilityinthewayISAServerhandleserrormessages

aboutirretrievableWebpagescanallowanattackertoexecutecodeandgainaccess

tocookiesonboththeserverandusermachines.Theflawcouldbeexploitedifan

attackerwereablet otrickauserintorequestingaWeb pagethatdidnotresideona

server.ThefalseURLwouldalsohavetocontaincode.WhenISAServergeneratesan

errorpagestatingthattherequestedpageisnotavailable,thecodecontainedinthe

URLwouldrunintheserver'ssecuritydomainandanycookiesthatserverhadseton

theuser'ssystemwouldbeavailabletotheattacker.Thisvulnerabilityislimitedin

thattheattackerwouldhavetoknowwhichsitesausertrusted,whichsiteshad

placedcookiesontheuser'scomputerandthattheuserhadspecificsecuritysettings

thatwouldallowtheattack.

1 2 ... 56 57 58 59 60 61 62 63 64 65 66 ... 208 209

Eicon Networks S92 Manual do Utilizador Página 61