Internet Security Systems Inc. Information for VU#548515
Multiple intrusion detection systems may be circumvented via %u encoding
- Date Notified:
- Statement Date:
- Date Updated: 07 Sep 2001
ISS X-Force has included a patch for this vulnerability in RealSecure Network Sensor X-Press Update 3.2. ISS X-Force recommends that all RealSecure customers download and install the update immediately. RealSecure X-Press Update 3.2 is now available. RealSecure Network Sensor customers can download XPU 3.2 from the following address: http://www.iss.net/db_data/xpu/RS.php
RealSecure Server Sensor version 6.0.1 includes a fix for this vulnerability. RealSecure Server Sensor 6.0.1 will be available for download on September 4, 2001. ISS X-Force recommends that all RealSecure customers upgrade their Windows Server Sensors to version 6.0.1. A patch is being developed for RealSecure Server Sensor 5.5 and will be available on or before August 31, 2001 at the ISS Download Center: http://www.iss.net/eval/eval.php.
BlackICE products are not affected by this vulnerability. Attempts to exploit this vulnerability will trigger the “HTTP URL bad hex code” signature. The next BlackICE product update will specifically address “%u” encoding.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.