|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
|
Vulnerability Note VU#739224
HTTP content scanning systems full-width/half-width Unicode encoding bypass
OverviewVarious HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems.
I. DescriptionFull-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system. II. ImpactA remote, unauthenticated attacker may be able to bypass HTTP content scanning systems.III. SolutionCheck with your vendor
Refer to the Systems Affected section of this document for information about specific vendors regarding this issue.
Systems Affected
| Vendor | Status | Date Updated |
| 3com, Inc. | Vulnerable | 17-May-2007 |
| Alcatel | Unknown | 16-Apr-2007 |
| Apple Computer, Inc. | Not Vulnerable | 24-Apr-2007 |
| AT&T | Unknown | 16-Apr-2007 |
| Avaya, Inc. | Unknown | 16-Apr-2007 |
| Avici Systems, Inc. | Unknown | 16-Apr-2007 |
| Borderware Technologies | Unknown | 16-Apr-2007 |
| Bro | Unknown | 16-Apr-2007 |
| Charlotte's Web Networks | Unknown | 16-Apr-2007 |
| Check Point Software Technologies | Unknown | 16-Apr-2007 |
| Chiaro Networks, Inc. | Unknown | 16-Apr-2007 |
| Cisco Systems, Inc. | Vulnerable | 15-May-2007 |
| Citrix | Unknown | 26-Apr-2007 |
| Clavister | Unknown | 16-Apr-2007 |
| Computer Associates | Unknown | 16-Apr-2007 |
| Computer Associates eTrust Security Management | Unknown | 16-Apr-2007 |
| Conectiva Inc. | Unknown | 16-Apr-2007 |
| Cray Inc. | Unknown | 16-Apr-2007 |
| D-Link Systems, Inc. | Unknown | 16-Apr-2007 |
| Data Connection, Ltd. | Unknown | 16-Apr-2007 |
| Debian GNU/Linux | Unknown | 14-May-2007 |
| EMC, Inc. (formerly Data General Corporation) | Not Vulnerable | 23-May-2007 |
| Engarde Secure Linux | Unknown | 16-Apr-2007 |
| Enterasys Networks | Not Vulnerable | 29-Aug-2007 |
| Ericsson | Unknown | 16-Apr-2007 |
| eSoft, Inc. | Unknown | 16-Apr-2007 |
| Extreme Networks | Unknown | 16-Apr-2007 |
| F-Secure Corporation | Unknown | 24-May-2007 |
| F5 Networks, Inc. | Not Vulnerable | 19-Jun-2007 |
| Fedora Project | Unknown | 16-Apr-2007 |
| Force10 Networks, Inc. | Not Vulnerable | 17-May-2007 |
| Fortinet, Inc. | Unknown | 16-Apr-2007 |
| Foundry Networks, Inc. | Unknown | 16-Apr-2007 |
| FreeBSD, Inc. | Unknown | 16-Apr-2007 |
| Fujitsu | Unknown | 16-Apr-2007 |
| Gentoo Linux | Unknown | 16-Apr-2007 |
| Global Technology Associates | Unknown | 16-Apr-2007 |
| Hewlett-Packard Company | Not Vulnerable | 18-Apr-2007 |
| Hitachi | Unknown | 16-Apr-2007 |
| Hyperchip | Unknown | 16-Apr-2007 |
| IBM Corporation | Unknown | 16-Apr-2007 |
| IBM Corporation (zseries) | Unknown | 16-Apr-2007 |
| IBM eServer | Unknown | 16-Apr-2007 |
| Immunix Communications, Inc. | Unknown | 16-Apr-2007 |
| Imperva, Inc. | Not Vulnerable | 16-May-2007 |
| Ingrian Networks, Inc. | Unknown | 16-Apr-2007 |
| Intel Corporation | Unknown | 16-Apr-2007 |
| Internet Security Systems, Inc. | Vulnerable | 16-May-2007 |
| Intoto | Unknown | 16-Apr-2007 |
| IP Filter | Unknown | 16-Apr-2007 |
| Juniper Networks, Inc. | Unknown | 16-Apr-2007 |
| Linksys (A division of Cisco Systems) | Unknown | 16-Apr-2007 |
| Lucent Technologies | Unknown | 16-Apr-2007 |
| Luminous Networks | Unknown | 16-Apr-2007 |
| Mandriva, Inc. | Unknown | 16-Apr-2007 |
| McAfee | Vulnerable | 23-May-2007 |
| Microsoft Corporation | Not Vulnerable | 13-Nov-2007 |
| MontaVista Software, Inc. | Unknown | 16-Apr-2007 |
| Multinet (owned Process Software Corporation) | Unknown | 16-Apr-2007 |
| Multitech, Inc. | Unknown | 16-Apr-2007 |
| NEC Corporation | Unknown | 16-Apr-2007 |
| NetBSD | Unknown | 16-Apr-2007 |
| netfilter | Unknown | 16-Apr-2007 |
| Network Appliance, Inc. | Unknown | 16-Apr-2007 |
| NextHop Technologies, Inc. | Unknown | 16-Apr-2007 |
| Nokia | Unknown | 16-Apr-2007 |
| Nortel Networks, Inc. | Unknown | 16-Apr-2007 |
| Novell, Inc. | Vulnerable | 7-Sep-2007 |
| OpenBSD | Unknown | 14-May-2007 |
| Openwall GNU/*/Linux | Unknown | 16-Apr-2007 |
| QNX, Software Systems, Inc. | Unknown | 16-Apr-2007 |
| Red Hat, Inc. | Unknown | 16-Apr-2007 |
| Redback Networks, Inc. | Unknown | 16-Apr-2007 |
| Riverstone Networks, Inc. | Unknown | 16-Apr-2007 |
| Secure Computing Network Security Division | Vulnerable | 1-Aug-2007 |
| Secureworx, Inc. | Unknown | 16-Apr-2007 |
| Silicon Graphics, Inc. | Unknown | 16-Apr-2007 |
| Slackware Linux Inc. | Unknown | 16-Apr-2007 |
| SmoothWall | Unknown | 9-Jul-2007 |
| Snort | Not Vulnerable | 22-May-2007 |
| Sony Corporation | Unknown | 16-Apr-2007 |
| Sourcefire | Not Vulnerable | 16-May-2007 |
| Stonesoft | Vulnerable | 22-May-2007 |
| Sun Microsystems, Inc. | Unknown | 25-Apr-2007 |
| SUSE Linux | Unknown | 16-Apr-2007 |
| Symantec, Inc. | Not Vulnerable | 24-May-2007 |
| The SCO Group | Unknown | 16-Apr-2007 |
| TippingPoint, Technologies, Inc. | Vulnerable | 17-May-2007 |
| Trustix Secure Linux | Unknown | 16-Apr-2007 |
| Turbolinux | Unknown | 16-Apr-2007 |
| Ubuntu | Unknown | 16-Apr-2007 |
| Unisys | Unknown | 16-Apr-2007 |
| Watchguard Technologies, Inc. | Unknown | 16-Apr-2007 |
| Wind River Systems, Inc. | Unknown | 16-Apr-2007 |
| ZyXEL | Unknown | 16-Apr-2007 |
References
http://www.gamasec.net/english/gs07-01.html
http://www.unicode.org/charts/PDF/UFF00.pdf
http://secunia.com/advisories/25285/
http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml
http://secunia.com/advisories/25302/
http://www.frsirt.com/english/advisories/2007/1817
http://www.securityfocus.com/infocus/1232
http://xforce.iss.net/xforce/alerts/id/advise68
https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html
http://secunia.com/advisories/26692/
http://secunia.com/advisories/27455/
Credit
This issue was reported by Fatih Ozavci and Caglar Cakici of Gamasec Security.
This document was written by Jeff Gennari.
Other Information
| Date Public | 05/14/2007 |
| Date First Published | 05/14/2007 01:02:14 PM |
| Date Last Updated | 11/15/2007 |
| CERT Advisory | |
| CVE Name | |
| US-CERT Technical Alerts | |
| Metric | 1.76 |
| Document Revision | 23 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
|