Vulnerability Note VU#739224

HTTP content scanning systems full-width/half-width Unicode encoding bypass

Original Release date: 14 May 2007 | Last revised: 22 Apr 2009

Overview

Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems.

Description

Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system.

Impact

A remote, unauthenticated attacker may be able to bypass HTTP content scanning systems.

Solution

Check with your vendor

Refer to the Systems Affected section of this document for information about specific vendors regarding this issue.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
3com, Inc.Affected16 Apr 200717 May 2007
Cisco Systems, Inc.Affected16 Apr 200715 May 2007
Internet Security Systems, Inc.Affected16 Apr 200716 May 2007
McAfeeAffected16 Apr 200723 May 2007
Novell, Inc.Affected16 Apr 200707 Sep 2007
Secure Computing Network Security DivisionAffected16 Apr 200701 Aug 2007
StonesoftAffected16 Apr 200722 May 2007
TippingPoint, Technologies, Inc.Affected16 Apr 200717 May 2007
Apple Computer, Inc.Not Affected16 Apr 200724 Apr 2007
EMC, Inc. (formerly Data General Corporation)Not Affected16 Apr 200723 May 2007
Enterasys NetworksNot Affected16 Apr 200729 Aug 2007
Extreme NetworksNot Affected16 Apr 200722 Apr 2009
F5 Networks, Inc.Not Affected16 Apr 200719 Jun 2007
Force10 Networks, Inc.Not Affected16 Apr 200717 May 2007
Hewlett-Packard CompanyNot Affected16 Apr 200718 Apr 2007
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This issue was reported by Fatih Ozavci and Caglar Cakici of Gamasec Security.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: Unknown
  • Date Public: 14 May 2007
  • Date First Published: 14 May 2007
  • Date Last Updated: 22 Apr 2009
  • Severity Metric: 1.76
  • Document Revision: 24

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.