Foundry Networks ServerIron Encoded URI Load Balancing Bypass Weakness

The ServerIron family of products from Foundry Networks is a series of high performance internet web switches. Among the included features are several options for load balancing between collections of web servers. Several methods are supported, including the option to perform simple pattern matches on requested URLs.

Reportedly, ServerIron does not fully decode URLs when doing this pattern matching. A malicious HTTP request may bypass all patterns, and be assigned based on default rules. Under some applications, this could lead to the exposure of sensitive information when web servers recieve requests they are not configured to handle.

This is not a vulnerability in the ServerIron product, but may allow an attacker to exploit weakly configured machines behind the switch.


Privacy Statement
Copyright 2010, SecurityFocus