Multiple IDS Vendor Encoded IIS Attack Detection Evasion Vulnerability

Bugtraq ID: 3292
Class: Environment Error
CVE:
Remote: Yes
Local: No
Published: Sep 05 2001 12:00AM
Updated: Sep 05 2001 12:00AM
Credit: Credited to 'hsj' as being used in proof of concept code for an unrelated vulnerability. Further research conducted by eEye Digital Security.
Vulnerable: Snort Project Snort 1.8
+ Conectiva Linux 8.0
Snort Project Snort 1.7
Snort Project Snort 1.6.3
Snort Project Snort 1.6.2
Snort Project Snort 1.6.1
Snort Project Snort 1.6
Snort Project Snort 1.5.2
Snort Project Snort 1.5.1
Snort Project Snort 1.5
NFR Network Intrusion Detection 5.0
Internet Security Systems RealSecure Server Sensor 6.0 Win
Internet Security Systems RealSecure Server Sensor 5.5.2 Win
Internet Security Systems RealSecure Server Sensor 5.5.1 Win
Internet Security Systems RealSecure Server Sensor 5.5 Win
Internet Security Systems RealSecure Server Sensor 5.0 Win
Internet Security Systems RealSecure Network Sensor 6.0
Internet Security Systems RealSecure Network Sensor 5.5.2
Internet Security Systems RealSecure Network Sensor 5.5.1
Internet Security Systems RealSecure Network Sensor 5.5
Internet Security Systems RealSecure Network Sensor 5.0
Enterasys Dragon IDS 4.0
Cisco Secure IDS Network Sensor 3.0
Cisco Secure IDS Host Sensor 2.0
Cisco Catalyst 6000 IDS Module
Not Vulnerable: Snort Project Snort 1.8.1
Internet Security Systems RealSecure Server Sensor 6.0.1 Win
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0 alpha
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
Enterasys Dragon IDS 5.0
Computer Associates eTrust Intrusion Detection 1.5
Computer Associates eTrust Intrusion Detection 1.4.5
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Cisco Secure IDS Network Sensor 3.0 (2)S6


 

Privacy Statement
Copyright 2010, SecurityFocus