ID CVE-2007-2688
Summary The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
References
Vulnerable Configurations
  • Cisco IPS Sensor Software 4.0
    cpe:2.3:a:cisco:ips_sensor_software:4.0
  • Cisco IPS Sensor Software 5.0(1)
    cpe:2.3:a:cisco:ips_sensor_software:5.0%281%29
  • Cisco IPS Sensor Software 5.0(2)
    cpe:2.3:a:cisco:ips_sensor_software:5.0%282%29
  • Cisco IPS Sensor Software 5.0(6)p1
    cpe:2.3:a:cisco:ips_sensor_software:5.0%286%29p1
  • Cisco IPS Sensor Software 5.1(1)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281%29
  • Cisco IPS Sensor Software 5.1(1a)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281a%29
  • Cisco IPS Sensor Software 5.1(1b)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281b%29
  • Cisco IPS Sensor Software 5.1(1c)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281c%29
  • Cisco IPS Sensor Software 5.1(1d)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281d%29
  • Cisco IPS Sensor Software 5.1(1e)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%281e%29
  • Cisco IPS Sensor Software 5.1(p1)
    cpe:2.3:a:cisco:ips_sensor_software:5.1%28p1%29
  • Cisco IOS 10.0
    cpe:2.3:o:cisco:ios:10.0
  • Cisco IOS 11.1CC
    cpe:2.3:o:cisco:ios:11.1cc
  • Cisco IOS 11.3
    cpe:2.3:o:cisco:ios:11.3
  • Cisco IOS 12.0
    cpe:2.3:o:cisco:ios:12.0
  • Cisco IOS 12.0S
    cpe:2.3:o:cisco:ios:12.0s
  • Cisco IOS 12.0ST
    cpe:2.3:o:cisco:ios:12.0st
  • Cisco IOS 12.0T
    cpe:2.3:o:cisco:ios:12.0t
  • Cisco IOS 12.1
    cpe:2.3:o:cisco:ios:12.1
  • Cisco IOS 12.1E
    cpe:2.3:o:cisco:ios:12.1e
  • Cisco IOS 12.1T
    cpe:2.3:o:cisco:ios:12.1t
  • Cisco IOS 12.2
    cpe:2.3:o:cisco:ios:12.2
  • Cisco IOS 12.2T
    cpe:2.3:o:cisco:ios:12.2t
CVSS
Base: 7.8 (as of 17-05-2007 - 08:52)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
oval via4
accepted 2008-09-08T04:00:25.468-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
family ios
id oval:org.mitre.oval:def:5465
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Multiple Vendor Full and Half Width Unicode Detection Bypass Vulnerability
version 2
refmap via4
bid 23980
bugtraq 20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
cert-vn VU#739224
cisco 20070514 HTTP Full-Width and Half-Width Unicode Encoding Evasion
misc http://www.gamasec.net/english/gs07-01.html
osvdb 35336
sectrack
  • 1018053
  • 1018054
secunia 25285
vupen ADV-2007-1803
xf cisco-scanengine-unicode-security-bypass(34277)
Last major update 07-03-2011 - 21:54
Published 15-05-2007 - 21:19
Last modified 30-10-2018 - 12:26
Back to Top