Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

A cross-site scripting vulnerability in ISA Server 2006 allows for redirection to malicious sites



Symptoms

Consider the following scenario:
  • You publish a Web site in Microsoft Internet Security and Acceleration (ISA) Server 2006.
  • You configure standard forms-based authentication in the Web listener.
  • A client user is tricked into accessing a malicious URL that abuses the vulnerability.
In this scenario, the user can be redirected to a malicious site that poses as a Web site that is published in ISA Server.



Cause

This problem occurs because the forms-based authentication filter in ISA Server 2006 does not correctly sanitize input that is received from the user. A crafted URL can therefore cause the user to be redirected to an attacker-controlled site after the login form is processed.
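The general defence for this class of issue, added here as an illustration and not ISA Server's own filter code (Microsoft did not publish the fix logic), is to treat the post-login return target as untrusted: keep only same-site relative paths or allow-listed HTTPS hosts, and HTML-escape the value wherever the login form reflects it. The parameter name `return_url`, the allow-list of hosts and all sample inputs below are assumptions for this example.

```python
from html import escape
from urllib.parse import urlsplit, urlunsplit

# Hosts the published site may send a user back to after forms-based login.
# Constructed allow-list for this example; a real deployment would use the
# public names of the published Web sites.
ALLOWED_HOSTS = {"www.example.com", "mail.example.com"}


def safe_return_url(raw, default="/"):
    """Return a redirect target that stays on the published site.

    A relative path is kept; an absolute URL is kept only when its scheme is
    https and its host is on the allow-list.  Anything else falls back to
    `default`.  This is the check a login form's post-authentication redirect
    needs so a crafted URL cannot turn it into an open redirect.
    """
    if not raw:
        return default
    # Drop control characters and surrounding whitespace; some parsers
    # tolerate them and they can smuggle a scheme past naive prefix checks.
    raw = "".join(ch for ch in raw if ch.isprintable()).strip()
    try:
        parts = urlsplit(raw)
    except ValueError:          # malformed IPv6 literal and similar
        return default

    if parts.scheme == "" and parts.netloc == "":
        # Path-only value.  Require a leading "/", reject "//" (protocol-
        # relative) and backslashes (browsers may treat "\" as "/", so
        # "/\evil.example" would also become protocol-relative).
        if (not parts.path.startswith("/")
                or parts.path.startswith("//")
                or "\\" in raw):
            return default
        return urlunsplit(("", "", parts.path, parts.query, ""))

    # Absolute URL: scheme must be https and the host must be allow-listed.
    # hostname (not netloc) is compared, so "https://good@evil/" is rejected.
    if parts.scheme.lower() != "https":
        return default
    if (parts.hostname or "").lower() not in ALLOWED_HOSTS:
        return default
    return urlunsplit(("https", parts.netloc, parts.path or "/", parts.query, ""))


def render_login_form(return_url):
    """Build the hidden field that carries the return URL through the form.

    The value is HTML-escaped (quotes included) so a crafted URL cannot
    break out of the attribute and inject script into the login page.
    """
    return ('<input type="hidden" name="return_url" value="%s">'
            % escape(return_url, quote=True))


if __name__ == "__main__":
    # Constructed inputs: one benign, the rest attempts to leave the site.
    for candidate in ("/owa/?x=1", "//evil.example/", "javascript:alert(1)",
                      "https://www.example.com@evil.example/", "/\\evil.example",
                      "https://mail.example.com/inbox"):
        print("%-45r -> %r" % (candidate, safe_return_url(candidate)))
    print(render_login_form('"><script>alert(1)</script>'))
```

The two functions cover the two halves of the problem the article names: `safe_return_url` prevents the redirect to a site that poses as the published one, and `render_login_form` prevents the reflected value from being interpreted as markup.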



Resolution

To resolve this problem, apply the hotfix rollup package that is described in the following Microsoft Knowledge Base article:
968078 MS09-016: Description of the ISA Server 2006 hotfix package: April 14, 2009



Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.



More information

For more information about this vulnerability, see Microsoft Security Bulletin MS09-016.

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates



Keywords: KB968077, kbqfe, kbfix, kbbug, kbsurveynew


Article Info
Article ID : 968077
Revision : 1
Created on : 4/14/2009
Published on : 4/14/2009
Exists online : False
Views : 335