Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:IIS:ENCODING:UNICODE-BP

Severity

 Warning

Recommended

 No

Category

 HTTP

Keywords

 Half-Full Width Unicode Encoding and Double Encoding Bypass

Release Date

 2007/05/17

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Half-Full Width Unicode Encoding and Double Encoding Bypass


This signatures detects unicode encoding in HTTP requests. Some IPS do not decode unicode in HTTP requests properly. An attacker can attempt to evade the IPS by using such encoding.

Extended Description

Multiple products are reportedly prone to a vulnerability that may allow malicious HTTP traffic to bypass detection. Attackers may send this type of HTTP data to evade detection and perform further attacks. Cisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID's list of vulnerable systems appropriately.

Affected Products

  • Cisco intrusion_prevention_system 4.X
  • Cisco intrusion_prevention_system 5.0.0 (1)
  • Cisco intrusion_prevention_system 5.0.0 (2)
  • Cisco intrusion_prevention_system 5.0.0 (3)
  • Cisco intrusion_prevention_system 5.0(6P1)
  • Cisco intrusion_prevention_system 5.0(6p2)
  • Cisco intrusion_prevention_system 5.1(1)
  • Cisco intrusion_prevention_system 5.1(1B)
  • Cisco intrusion_prevention_system 5.1(1C)
  • Cisco intrusion_prevention_system 5.1(1D)
  • Cisco intrusion_prevention_system 5.1(1E)
  • Cisco intrusion_prevention_system 5.1(2)
  • Cisco intrusion_prevention_system 5.1(P1)
  • Cisco intrustion_prevention_software 5.1(1A)
  • Cisco ios 12.3
  • Cisco ios 12.3.0 -7-JA2
  • Cisco ios 12.3(10)
  • Cisco ios 12.3(10)A
  • Cisco ios 12.3(10C)
  • Cisco ios 12.3(10D)
  • Cisco ios 12.3(10E)
  • Cisco ios 12.3(10)T
  • Cisco ios 12.3(11)
  • Cisco ios 12.3(11R)T2
  • Cisco ios 12.3(11)T
  • Cisco ios 12.3(11)T10
  • Cisco ios 12.3(11)T2
  • Cisco ios 12.3(11)T4
  • Cisco ios 12.3(11)T5
  • Cisco ios 12.3(11)T6
  • Cisco ios 12.3(11)T8
  • Cisco ios 12.3(11)XL
  • Cisco ios 12.3(11)XL3
  • Cisco ios 12.3(11)YF
  • Cisco ios 12.3(11)YF2
  • Cisco ios 12.3(11)YF3
  • Cisco ios 12.3(11)YF4
  • Cisco ios 12.3(11)YJ
  • Cisco ios 12.3(11)YK
  • Cisco ios 12.3(11)YK1
  • Cisco ios 12.3(11)YK2
  • Cisco ios 12.3(11)YL
  • Cisco ios 12.3(11)YN
  • Cisco ios 12.3(11)YR
  • Cisco ios 12.3(11)YS
  • Cisco ios 12.3(11)YS1
  • Cisco ios 12.3(11)YW
  • Cisco ios 12.3(11)YZ1
  • Cisco ios 12.3(12)
  • Cisco ios 12.3(12A)
  • Cisco ios 12.3(12B)
  • Cisco ios 12.3(12D)
  • Cisco ios 12.3(12E)
  • Cisco ios 12.3(12)T
  • Cisco ios 12.3(13)
  • Cisco ios 12.3(13A)
  • Cisco ios 12.3(13A)BC
  • Cisco ios 12.3(13A)BC1
  • Cisco ios 12.3(13B)
  • Cisco ios 12.3(13)T
  • Cisco ios 12.3(14)T
  • Cisco ios 12.3(14)T2
  • Cisco ios 12.3(14)T4
  • Cisco ios 12.3(14)T5
  • Cisco ios 12.3(14)T7
  • Cisco ios 12.3(14)T8
  • Cisco ios 12.3(14)T9
  • Cisco ios 12.3(14)YG5
  • Cisco ios 12.3(14)YM4
  • Cisco ios 12.3(14)YM8
  • Cisco ios 12.3(14)YQ
  • Cisco ios 12.3(14)YQ1
  • Cisco ios 12.3(14)YQ3
  • Cisco ios 12.3(14)YQ4
  • Cisco ios 12.3(14)YQ8
  • Cisco ios 12.3(14)YT
  • Cisco ios 12.3(14)YT1
  • Cisco ios 12.3(14)YU
  • Cisco ios 12.3(14)YU1
  • Cisco ios 12.3(14)YX
  • Cisco ios 12.3(14)YX2
  • Cisco ios 12.3(15)
  • Cisco ios 12.3(15A)
  • Cisco ios 12.3(15B)
  • Cisco ios 12.3(16)
  • Cisco ios 12.3(17B)BC3
  • Cisco ios 12.3(18)
  • Cisco ios 12.3(1A)
  • Cisco ios 12.3(1)T
  • Cisco ios 12.3(20)
  • Cisco ios 12.3(21)
  • Cisco ios 12.3(2)JA
  • Cisco ios 12.3(2)JA5
  • Cisco ios 12.3(2)JK
  • Cisco ios 12.3(2)JK1
  • Cisco ios 12.3(2)JL
  • Cisco ios 12.3(2)T
  • Cisco ios 12.3(2)T3
  • Cisco ios 12.3(2)T8
  • Cisco ios 12.3(2)XA4
  • Cisco ios 12.3(2)XA5
  • Cisco ios 12.3(2)XC1
  • Cisco ios 12.3(2)XC2
  • Cisco ios 12.3(2)XC3
  • Cisco ios 12.3(2)XC4
  • Cisco ios 12.3(2)XE3
  • Cisco ios 12.3(2)XE4
  • Cisco ios 12.3(3A)
  • Cisco ios 12.3(3E)
  • Cisco ios 12.3(3H)
  • Cisco ios 12.3(3I)
  • Cisco ios 12.3(3)T
  • Cisco ios 12.3(4)EO1
  • Cisco ios 12.3(4)JA
  • Cisco ios 12.3(4)JA1
  • Cisco ios 12.3(4)T
  • Cisco ios 12.3(4)T1
  • Cisco ios 12.3(4)T13
  • Cisco ios 12.3(4)T2
  • Cisco ios 12.3(4)T3
  • Cisco ios 12.3(4)T4
  • Cisco ios 12.3(4)T8
  • Cisco ios 12.3(4)Tpc11a
  • Cisco ios 12.3(4)XD
  • Cisco ios 12.3(4)XD1
  • Cisco ios 12.3(4)XD2
  • Cisco ios 12.3(4)XE4
  • Cisco ios 12.3(4)XG1
  • Cisco ios 12.3(4)XG2
  • Cisco ios 12.3(4)XG4
  • Cisco ios 12.3(4)XG5
  • Cisco ios 12.3(4)XH
  • Cisco ios 12.3(4)XK
  • Cisco ios 12.3(4)XK1
  • Cisco ios 12.3(4)XK3
  • Cisco ios 12.3(4)XK4
  • Cisco ios 12.3(4)XQ
  • Cisco ios 12.3(4)XQ1
  • Cisco ios 12.3(5)
  • Cisco ios 12.3(5A)
  • Cisco ios 12.3(5A)B
  • Cisco ios 12.3(5A)B2
  • Cisco ios 12.3(5A)B5
  • Cisco ios 12.3(5B)
  • Cisco ios 12.3(5)B1
  • Cisco ios 12.3(5C)
  • Cisco ios 12.3(5E)
  • Cisco ios 12.3(5F)
  • Cisco ios 12.3(5)T
  • Cisco ios 12.3(6)
  • Cisco ios 12.3(6A)
  • Cisco ios 12.3(6D)
  • Cisco ios 12.3(6E)
  • Cisco ios 12.3(6F)
  • Cisco ios 12.3(6)T
  • Cisco ios 12.3(7.7)
  • Cisco ios 12.3(7)JA
  • Cisco ios 12.3(7)JA1
  • Cisco ios 12.3(7)JX
  • Cisco ios 12.3(7)T
  • Cisco ios 12.3(7)T10
  • Cisco ios 12.3(7)T11
  • Cisco ios 12.3(7)T12
  • Cisco ios 12.3(7)T4
  • Cisco ios 12.3(7)T8
  • Cisco ios 12.3(7)T9
  • Cisco ios 12.3(7)XI3
  • Cisco ios 12.3(7)XI4
  • Cisco ios 12.3(7)XI7
  • Cisco ios 12.3(7)Xi8a
  • Cisco ios 12.3(7)XI9
  • Cisco ios 12.3(7)XR3
  • Cisco ios 12.3(7)XR4
  • Cisco ios 12.3(7)XR6
  • Cisco ios 12.3(8)JA
  • Cisco ios 12.3(8)JA1
  • Cisco ios 12.3(8)JK
  • Cisco ios 12.3(8)T
  • Cisco ios 12.3(8)T10
  • Cisco ios 12.3(8)T11
  • Cisco ios 12.3(8)T4
  • Cisco ios 12.3(8)T7
  • Cisco ios 12.3(8)T8
  • Cisco ios 12.3(8)T9
  • Cisco ios 12.3(8)XU2
  • Cisco ios 12.3(8)XY4
  • Cisco ios 12.3(8)XY5
  • Cisco ios 12.3(8)XY6
  • Cisco ios 12.3(8)YA1
  • Cisco ios 12.3(8)YD
  • Cisco ios 12.3(8)YF
  • Cisco ios 12.3(8)YG
  • Cisco ios 12.3(8)YG1
  • Cisco ios 12.3(8)YG2
  • Cisco ios 12.3(8)YG3
  • Cisco ios 12.3(8)YG5
  • Cisco ios 12.3(8)YH
  • Cisco ios 12.3(8)YI
  • Cisco ios 12.3(8)YI1
  • Cisco ios 12.3(8)YI3
  • Cisco ios 12.3(9)
  • Cisco ios 12.3(9A)BC
  • Cisco ios 12.3(9A)BC2
  • Cisco ios 12.3(9A)BC6
  • Cisco ios 12.3(9A)BC7
  • Cisco ios 12.3(9B)
  • Cisco ios 12.3(9C)
  • Cisco ios 12.3(9D)
  • Cisco ios 12.3(9E)
  • Cisco ios 12.3(9)T
  • Cisco ios 12.3B
  • Cisco ios 12.3BC
  • Cisco ios 12.3BW
  • Cisco ios 12.3JA
  • Cisco ios 12.3JEA
  • Cisco ios 12.3JEB
  • Cisco ios 12.3JK
  • Cisco ios 12.3JL
  • Cisco ios 12.3JX
  • Cisco ios 12.3T
  • Cisco ios 12.3TPC
  • Cisco ios 12.3XA
  • Cisco ios 12.3XB
  • Cisco ios 12.3XC
  • Cisco ios 12.3XD
  • Cisco ios 12.3XE
  • Cisco ios 12.3XF
  • Cisco ios 12.3XG
  • Cisco ios 12.3XH
  • Cisco ios 12.3XI
  • Cisco ios 12.3XJ
  • Cisco ios 12.3XK
  • Cisco ios 12.3XL
  • Cisco ios 12.3XM
  • Cisco ios 12.3XN
  • Cisco ios 12.3XQ
  • Cisco ios 12.3XR
  • Cisco ios 12.3XS
  • Cisco ios 12.3XT
  • Cisco ios 12.3XU
  • Cisco ios 12.3XV
  • Cisco ios 12.3XW
  • Cisco ios 12.3XX
  • Cisco ios 12.3XY
  • Cisco ios 12.3XZ
  • Cisco ios 12.3YA
  • Cisco ios 12.3YB
  • Cisco ios 12.3YC
  • Cisco ios 12.3YD
  • Cisco ios 12.3YE
  • Cisco ios 12.3YF
  • Cisco ios 12.3YG
  • Cisco ios 12.3YH
  • Cisco ios 12.3YI
  • Cisco ios 12.3YJ
  • Cisco ios 12.3YK
  • Cisco ios 12.3YL
  • Cisco ios 12.3YM
  • Cisco ios 12.3YN
  • Cisco ios 12.3YQ
  • Cisco ios 12.3YR
  • Cisco ios 12.3YS
  • Cisco ios 12.3YT
  • Cisco ios 12.3YU
  • Cisco ios 12.3YW
  • Cisco ios 12.3YX
  • Cisco ios 12.3YZ
  • Cisco ios 12.4
  • Cisco ios 12.4(1)
  • Cisco ios 12.4(11)T
  • Cisco ios 12.4(12)
  • Cisco ios 12.4(1B)
  • Cisco ios 12.4(1C)
  • Cisco ios 12.4(2)MR
  • Cisco ios 12.4(2)MR1
  • Cisco ios 12.4(2)T
  • Cisco ios 12.4(2)T1
  • Cisco ios 12.4(2)T2
  • Cisco ios 12.4(2)T3
  • Cisco ios 12.4(2)T4
  • Cisco ios 12.4(2)XA
  • Cisco ios 12.4(2)XB
  • Cisco ios 12.4(2)XB2
  • Cisco ios 12.4(3)
  • Cisco ios 12.4(3A)
  • Cisco ios 12.4(3B)
  • Cisco ios 12.4(3D)
  • Cisco ios 12.4(3)T2
  • Cisco ios 12.4(4)MR
  • Cisco ios 12.4(4)T
  • Cisco ios 12.4(4)T2
  • Cisco ios 12.4(5)
  • Cisco ios 12.4(5B)
  • Cisco ios 12.4(6)T
  • Cisco ios 12.4(6)T1
  • Cisco ios 12.4(6)T6
  • Cisco ios 12.4(7)
  • Cisco ios 12.4(7A)
  • Cisco ios 12.4(8)
  • Cisco ios 12.4(9)T
  • Cisco ios 12.4MR
  • Cisco ios 12.4SW
  • Cisco ios 12.4T
  • Cisco ios 12.4XA
  • Cisco ios 12.4XB
  • Cisco ios 12.4XC
  • Cisco ios 12.4XD
  • Cisco ios 12.4XE
  • Cisco ios 12.4XG
  • Cisco ios 12.4XJ
  • Cisco ios 12.4XP
  • Cisco ios 12.4XT
  • Cisco pix_500_series_security_appliance 7.0
  • Cisco pix_500_series_security_appliance 7.1
  • Cisco pix/asa 7.0.0
  • Cisco pix/asa 7.0.1 .4
  • Cisco pix/asa 7.0.4
  • Cisco pix/asa 7.0.4 .3
  • Cisco pix/asa 7.0(5)
  • Cisco pix/asa 7.0(5.2)
  • Cisco pix/asa 7.1(2)
  • Cisco pix/asa 7.1.(2.48)
  • Cisco pix/asa 7.1.(2.49)
  • Cisco pix/asa 7.1(2.5)
  • Cisco pix/asa 7.2(1)
  • Cisco pix/asa 7.2.2
  • Cisco pix/asa 7.2(2.10)
  • Cisco pix/asa 7.2(2.14)
  • Cisco pix/asa 7.2(2.15)
  • Cisco pix/asa 7.2.(2.16)
  • Cisco pix/asa 7.2.(2.17)
  • Cisco pix/asa 7.2.(2.19)
  • Cisco pix/asa 7.2.(2.7)
  • Cisco pix/asa 7.2.(2.8)
  • Stonesoft stonegate_ips_sensor_and_analyzer 2.0.0
  • Stonesoft stonegate_ips_sensor_and_analyzer 2.0.1
  • Stonesoft stonegate_ips_sensor_and_analyzer 2.0.2
  • Tippingpoint 1200e
  • Tippingpoint 200
  • Tippingpoint 200e
  • Tippingpoint 2400e
  • Tippingpoint 50
  • Tippingpoint 5000e
  • Tippingpoint 600e
  • Tippingpoint sms
  • Tippingpoint x505
  • Tippingpoint x506
  • Tippingpoint zpha

References

  • BugTraq: 23980
  • CVE: CVE-2007-2689
  • URL: http://www.gamasec.net/english/gs07-01.html
  • URL: http://www.kb.cert.org/vuls/id/739224
  • URL: http://isc.sans.org/diary.html?storyid=2807

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out