Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:REQERR:URL-VAR-FS |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Format String in URL Variable |
Release Date |
2009/02/17 |
Update Number |
1368 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Format String in URL Variable
This signature detects attempts to exploit a known vulnerability against multiple Web servers. A successful attack can lead to arbitrary code execution.
Extended Description
Problems in the handling of some types of HTTP requests from remote users have been identified in Check Point Firewall-1 HTTP Application Intelligence and HTTP Security Server. Because of this, it is possible for a remote attacker to gain unauthorized access to a vulnerable system with administrative privileges.
Affected Products
- Check_point_software firewall-1 4.1.0
- Check_point_software firewall-1 4.1.0 SP1
- Check_point_software firewall-1 4.1.0 SP2
- Check_point_software firewall-1 4.1.0 SP3
- Check_point_software firewall-1 4.1.0 SP4
- Check_point_software firewall-1 4.1.0 SP5
- Check_point_software firewall-1 4.1.0 SP6
- Check_point_software firewall-1 R55W HFA3
- Check_point_software firewall-1
- Check_point_software next_generation FP1
- Check_point_software next_generation FP2
- Check_point_software next_generation FP3
- Check_point_software next_generation FP3 HF1
- Check_point_software next_generation FP3 HF2
- Check_point_software ng-ai R54
- Check_point_software ng-ai R55
- Check_point_software ng-ai
- Check_point_software nokia_voyager 4.1
References
- BugTraq: 27990
- CVE: CVE-2004-0039
- CVE: CVE-2008-1055
- URL: http://www.milw0rm.com/exploits/7785