HTTP: Microsoft Internet Explorer SSL Proxy Information Disclosure
This signature detects attempts to exploit a known vulnerability against Internet Explorer. In certain situations, when a proxy server requires Basic Authentication, IE can disclose sensitive information. Attackers can take advantage of this information and gain access to authentication details sent to Web sites.
Extended Description
Microsoft Internet Explorer is prone to an information disclosure vulnerability when using an authenticating proxy server for HTTPS communications. Exploitation of this issue could result in an attacker gaining a user's authentication credentials. This issue only exists when the authenticating proxy uses Basic Authentication.
Affected Products
Avaya s8100_media_servers,Avaya definityone_media_servers
Short Name
HTTP:STC:IE:SSL-PROXY-DIS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2005-2830 Disclosure Explorer Information Internet Microsoft Proxy SSL bid:15825
Release Date
12/13/2005
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3466
False Positive
Rarely
Vendors
Avaya
Microsoft
CVSS Score
5.0