Description
Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with a trailing "#" character. NOTE: as of 20060715, this could not be reproduced by third parties.
Affected products
- Microsoft / isa_server2004 – 2004
References
- MISChttp://www.securityfocus.com/archive/1/440446/100/0/threaded
- MISChttp://www.securityfocus.com/archive/1/440558/100/0/threaded
- MISChttp://www.securityfocus.com/bid/18994
- MISChttp://www.securityfocus.com/archive/1/440105/100/0/threaded
- MISChttp://www.securityfocus.com/archive/1/440299/100/0/threaded
- MISChttp://securitytracker.com/id?1016506
- MISChttp://www.securityfocus.com/archive/1/440247/100/0/threaded