Vulnerabilities > CVE-2001-0524 - Unspecified vulnerability in Eeye Digital Security Securells

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

eeye-digital-security

NVD

Published: 2001-08-14

Updated: 2024-11-20

Summary

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier.

Vulnerable Configurations

Part	Description	Count
Application	Eeye_Digital_Security Eeye Digital Security Securells *	1

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6574
https://exchange.xforce.ibmcloud.com/vulnerabilities/6574