Back to search
CVE-2001-0669
Published: Oct 12, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#548515
third-party-advisory
x_refsource_CERT-VN
3292
vdb-entry
x_refsource_BID
20010905 Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability
vendor-advisory
x_refsource_CISCO
20010905 Multiple Vendor IDS Unicode Bypass Vulnerability
third-party-advisory
x_refsource_ISS
20010905 %u encoding IDS bypass vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now