Imperva SecureSphere Web Application Firewall and Database Firewall Security Bypass Vulnerability

Bugtraq ID: 39472
Class: Design Error
CVE: CVE-2010-1329
Remote: Yes
Local: No
Published: Apr 14 2010 12:00AM
Updated: Apr 14 2010 12:00AM
Credit: Scott Miles and Greag Johnson, Clear Skies Security
Vulnerable: Imperva SecureSphere Web Application Firewall 7.0 .7078 on XOS 8.5.3
Imperva SecureSphere Web Application Firewall 6.2 .6442
Imperva SecureSphere Web Application Firewall 6.0.6 .6302
Imperva SecureSphere Web Application Firewall 6.0.6 .6274
Imperva SecureSphere Web Application Firewall 6.0.5 .6238
Imperva SecureSphere Web Application Firewall 6.0.5 .6230
Imperva SecureSphere Web Application Firewall 6.0.4 .6128 on XOS 8.0/5
Imperva SecureSphere Web Application Firewall 6.0.4 .6128
Imperva SecureSphere Web Application Firewall 5.0 .5082
Imperva SecureSphere Web Application Firewall 7.0.0.7078
Imperva SecureSphere Web Application Firewall 7.0.0.7061
Imperva SecureSphere Web Application Firewall 6.2.0.6463
Imperva SecureSphere MX Management Server and Gateway 6.0
Imperva SecureSphere MX Management Server 5.x
Imperva SecureSphere MX Management Server 5.0
Imperva SecureSphere Database Firewall 7.0 .7078 on XOS 8.5.3
Imperva SecureSphere Database Firewall 7.0 .7078
Imperva SecureSphere Database Firewall 7.0 .7061
Imperva SecureSphere Database Firewall 6.2 .6463
Imperva SecureSphere Database Firewall 6.2 .6442
Imperva SecureSphere Database Firewall 6.0.6 .6302
Imperva SecureSphere Database Firewall 6.0.6 .6274
Imperva SecureSphere Database Firewall 6.0.5 .6238
Imperva SecureSphere Database Firewall 6.0.5 .6230
Imperva SecureSphere Database Firewall 6.0.4 .6128 on XOS 8.0/5
Imperva SecureSphere Database Firewall 6.0.4 .6128
Imperva SecureSphere Database Firewall 5.0 .5082
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus