CERT home
vulnerabilities & fixesevaluations & practicesresearch & analysistraining & education
homesearchFAQsite indexcontact
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

Vulnerability Note VU#739224

HTTP content scanning systems full-width/half-width Unicode encoding bypass

Overview

Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems.

I. Description

Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system.

II. Impact

A remote, unauthenticated attacker may be able to bypass HTTP content scanning systems.

III. Solution

Check with your vendor

Refer to the Systems Affected section of this document for information about specific vendors regarding this issue.

Systems Affected

VendorStatusDate Updated
3com, Inc.Vulnerable2007-04-162007-05-17
AlcatelUnknown2007-04-162007-04-16
Apple Computer, Inc.Not Vulnerable2007-04-162007-04-24
AT&TUnknown2007-04-162007-04-16
Avaya, Inc.Unknown2007-04-162007-04-16
Avici Systems, Inc.Unknown2007-04-162007-04-16
Borderware TechnologiesUnknown2007-04-162007-04-16
BroUnknown2007-04-162007-04-16
Charlotte's Web NetworksUnknown2007-04-162007-04-16
Check Point Software TechnologiesUnknown2007-04-162007-04-16
Chiaro Networks, Inc.Unknown2007-04-162007-04-16
Cisco Systems, Inc.Vulnerable2007-04-162007-05-15
CitrixUnknown2007-04-262007-04-26
ClavisterUnknown2007-04-162007-04-16
Computer AssociatesUnknown2007-04-162007-04-16
Computer Associates eTrust Security ManagementUnknown2007-04-162007-04-16
Conectiva Inc.Unknown2007-04-162007-04-16
Cray Inc.Unknown2007-04-162007-04-16
D-Link Systems, Inc.Unknown2007-04-162007-04-16
Data Connection, Ltd.Unknown2007-04-162007-04-16
Debian GNU/LinuxUnknown2007-05-142007-05-14
EMC, Inc. (formerly Data General Corporation)Not Vulnerable2007-04-162007-05-23
Engarde Secure LinuxUnknown2007-04-162007-04-16
Enterasys NetworksNot Vulnerable2007-04-162007-08-29
EricssonUnknown2007-04-162007-04-16
eSoft, Inc.Unknown2007-04-162007-04-16
Extreme NetworksNot Vulnerable2007-04-162009-04-22
F-Secure CorporationUnknown2007-05-242007-05-24
F5 Networks, Inc.Not Vulnerable2007-04-162007-06-19
Fedora ProjectUnknown2007-04-162007-04-16
Force10 Networks, Inc.Not Vulnerable2007-04-162007-05-17
Fortinet, Inc.Unknown2007-04-162007-04-16
Foundry Networks, Inc.Unknown2007-04-162007-04-16
FreeBSD, Inc.Unknown2007-04-162007-04-16
FujitsuUnknown2007-04-162007-04-16
Gentoo LinuxUnknown2007-04-162007-04-16
Global Technology AssociatesUnknown2007-04-162007-04-16
Hewlett-Packard CompanyNot Vulnerable2007-04-162007-04-18
HitachiUnknown2007-04-162007-04-16
HyperchipUnknown2007-04-162007-04-16
IBM CorporationUnknown2007-04-162007-04-16
IBM Corporation (zseries)Unknown2007-04-162007-04-16
IBM eServerUnknown2007-04-162007-04-16
Immunix Communications, Inc.Unknown2007-04-162007-04-16
Imperva, Inc.Not Vulnerable2007-04-302007-05-16
Ingrian Networks, Inc.Unknown2007-04-162007-04-16
Intel CorporationUnknown2007-04-162007-04-16
Internet Security Systems, Inc.Vulnerable2007-04-162007-05-16
IntotoUnknown2007-04-162007-04-16
IP FilterUnknown2007-04-162007-04-16
Juniper Networks, Inc.Unknown2007-04-162007-04-16
Linksys (A division of Cisco Systems)Unknown2007-04-162007-04-16
Lucent TechnologiesUnknown2007-04-162007-04-16
Luminous NetworksUnknown2007-04-162007-04-16
Mandriva, Inc.Unknown2007-04-162007-04-16
McAfeeVulnerable2007-04-162007-05-23
Microsoft CorporationNot Vulnerable2007-04-162007-11-13
MontaVista Software, Inc.Unknown2007-04-162007-04-16
Multinet (owned Process Software Corporation)Unknown2007-04-162007-04-16
Multitech, Inc.Unknown2007-04-162007-04-16
NEC CorporationUnknown2007-04-162007-04-16
NetBSDUnknown2007-04-162007-04-16
netfilterUnknown2007-04-162007-04-16
Network Appliance, Inc.Unknown2007-04-162007-04-16
NextHop Technologies, Inc.Unknown2007-04-162007-04-16
NokiaUnknown2007-04-162007-04-16
Nortel Networks, Inc.Unknown2007-04-162007-04-16
Novell, Inc.Vulnerable2007-04-162007-09-07
OpenBSDUnknown2007-05-142007-05-14
Openwall GNU/*/LinuxUnknown2007-04-162007-04-16
QNX, Software Systems, Inc.Unknown2007-04-162007-04-16
Red Hat, Inc.Unknown2007-04-162007-04-16
Redback Networks, Inc.Unknown2007-04-162007-04-16
Riverstone Networks, Inc.Unknown2007-04-162007-04-16
Secure Computing Network Security DivisionVulnerable2007-04-162007-08-01
Secureworx, Inc.Unknown2007-04-162007-04-16
Silicon Graphics, Inc.Unknown2007-04-162007-04-16
Slackware Linux Inc.Unknown2007-04-162007-04-16
SmoothWallUnknown2007-07-092007-07-09
SnortNot Vulnerable2007-04-162007-05-22
Sony CorporationUnknown2007-04-162007-04-16
SourcefireNot Vulnerable2007-04-162007-05-16
StonesoftVulnerable2007-04-162007-05-22
Sun Microsystems, Inc.Unknown2007-04-162007-04-25
SUSE LinuxUnknown2007-04-162007-04-16
Symantec, Inc.Not Vulnerable2007-04-162007-05-24
The SCO GroupUnknown2007-04-162007-04-16
TippingPoint, Technologies, Inc.Vulnerable2007-04-162007-05-17
Trustix Secure LinuxUnknown2007-04-162007-04-16
TurbolinuxUnknown2007-04-162007-04-16
UbuntuUnknown2007-04-162007-04-16
UnisysUnknown2007-04-162007-04-16
Watchguard Technologies, Inc.Unknown2007-04-162007-04-16
Wind River Systems, Inc.Unknown2007-04-162007-04-16
ZyXELUnknown2007-04-162007-04-16

References


http://www.gamasec.net/english/gs07-01.html
http://www.unicode.org/charts/PDF/UFF00.pdf
http://secunia.com/advisories/25285/
http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml
http://secunia.com/advisories/25302/
http://www.frsirt.com/english/advisories/2007/1817
http://www.securityfocus.com/infocus/1232
http://xforce.iss.net/xforce/alerts/id/advise68
https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html
http://secunia.com/advisories/26692/
http://secunia.com/advisories/27455/

Credit

This issue was reported by Fatih Ozavci and Caglar Cakici of Gamasec Security.

This document was written by Jeff Gennari.

Other Information

Date Public05/14/2007
Date First Published05/14/2007 01:02:14 PM
Date Last Updated04/22/2009
CERT Advisory 
CVE Name 
Metric1.76
Document Revision24

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Copyright 2007 Carnegie Mellon University