Vulnerability Description
Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which allows remote attackers to manipulate portions of the log file and possibly leverage this for other attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Isa Server | 2004 |
References
- http://www.securityfocus.com/archive/1/432947/30/5190/threaded
- http://www.securityfocus.com/archive/1/433074/30/5190/threaded
- http://www.securityfocus.com/archive/1/433141/30/5160/threaded
- http://www.securityfocus.com/archive/1/433350/30/5100/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26233
- http://www.securityfocus.com/archive/1/432947/30/5190/threaded
- http://www.securityfocus.com/archive/1/433074/30/5190/threaded
- http://www.securityfocus.com/archive/1/433141/30/5160/threaded
- http://www.securityfocus.com/archive/1/433350/30/5100/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26233
FAQ
What is CVE-2006-7027?
CVE-2006-7027 is a vulnerability with a CVSS score of 10.0 (HIGH). Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which allows remote attackers to manipulate portions of the log file...
How severe is CVE-2006-7027?
CVE-2006-7027 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7027?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Isa Server.