Vulnerabilities > CVE-2001-0669

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
cisco
iss
snort
enterasys
exploit available

Summary

Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.

Exploit-Db

descriptionCisco Secure IDS 2.0/3.0,Snort 1.x,ISS RealSecure 5/6,NFR 5.0 Encoded IIS Attack Detection Evasion. CVE-2001-0669. Remote exploits for multiple platform
idEDB-ID:21100
last seen2016-02-02
modified2001-09-05
published2001-09-05
reporterblackangels
sourcehttps://www.exploit-db.com/download/21100/
titleCisco Secure IDS 2.0/3.0,Snort 1.x,ISS RealSecure 5/6,NFR 5.0 Encoded IIS Attack Detection Evasion