CVE-2011-3140

Published: Aug 15, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple iid parameters and then sent to a .aspx file on an IIS web server.
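A defender-side illustration of the flaw described above, added here and not taken from IBM or the CVE record: a filter that inspects each parameter instance alone misses the split value, while one that first rebuilds the value as ASP.NET on IIS exposes it (repeated parameters joined with commas) catches it. The signature regex, function names and sample query strings are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl

# Simplified stand-in for a WAF signature (assumption, not IBM's rule set).
SQL_SIGNATURE = re.compile(r"\bselect\b.+\bfrom\b", re.IGNORECASE | re.DOTALL)

# Constructed sample query strings; the second splits one value across iid.
SAMPLE_QUERIES = [
    "iid=42&view=summary",
    "iid=select+name&iid=pass+from+users",
]


def per_instance_hits(query):
    """Flawed model: match the signature against each instance separately."""
    pairs = parse_qsl(query, keep_blank_values=True)
    return [name for name, value in pairs if SQL_SIGNATURE.search(value)]


def backend_view(query):
    """Rebuild values the way ASP.NET does: repeats joined with commas,
    parameter names compared case-insensitively."""
    merged = {}
    for name, value in parse_qsl(query, keep_blank_values=True):
        merged.setdefault(name.lower(), []).append(value)
    return {name: ",".join(values) for name, values in merged.items()}


def normalized_hits(query):
    """Corrected model: match the signature against the merged values."""
    merged = backend_view(query)
    return sorted(n for n, v in merged.items() if SQL_SIGNATURE.search(v))


def repeated_parameters(query):
    """Names that occur more than once; worth logging or rejecting outright."""
    seen, repeated = set(), set()
    for name, _ in parse_qsl(query, keep_blank_values=True):
        key = name.lower()
        (repeated if key in seen else seen).add(key)
    return sorted(repeated)


if __name__ == "__main__":
    for q in SAMPLE_QUERIES:
        print(q, per_instance_hits(q), normalized_hits(q), repeated_parameters(q))
```

For endpoints that never expect a parameter twice, rejecting any request where `repeated_parameters` is non-empty is a stricter control than signature matching on the merged value.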

Vendor: n/a

Product: n/a

Versions: n/a (affected)

References

http-parameter-pollution(67178) (vdb-entry, x_refsource_XF)
8339 (third-party-advisory, x_refsource_SREASON)
48370 (vdb-entry, x_refsource_BID)
1025683 (vdb-entry, x_refsource_SECTRACK)
