Signature Detail
Short Name |
HTTP:MISC:MS-FOREFRONT-DOS |
|---|---|
Severity |
Medium |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Forefront Unified Access Gateway Null Session Cookie Denial of Service |
Release Date |
2011/10/10 |
Update Number |
2007 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Forefront Unified Access Gateway Null Session Cookie Denial of Service
This signature detects attempts to exploit a known vulnerability against Microsoft Forefront Unified Access Gateway server. A successful attack can result in a denial-of-service condition.
Extended Description
Microsoft Forefront Unified Access Gateway is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the web server of the affected application, denying service to legitimate users.
Affected Products
- Microsoft Forefront Unified Access Gateway 2010
- Microsoft Forefront Unified Access Gateway 2010 SP1
- Microsoft Forefront Unified Access Gateway 2010 Update 1
- Microsoft Forefront Unified Access Gateway 2010 Update 2
References
- BugTraq: 49980
- CVE: CVE-2011-2012