Vulnerabilities > CVE-2001-0669
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
Application | 4 | |
Application | 1 | |
Hardware | 1 |
Exploit-Db
description | Cisco Secure IDS 2.0/3.0,Snort 1.x,ISS RealSecure 5/6,NFR 5.0 Encoded IIS Attack Detection Evasion. CVE-2001-0669. Remote exploits for multiple platform |
id | EDB-ID:21100 |
last seen | 2016-02-02 |
modified | 2001-09-05 |
published | 2001-09-05 |
reporter | blackangels |
source | https://www.exploit-db.com/download/21100/ |
title | Cisco Secure IDS 2.0/3.0,Snort 1.x,ISS RealSecure 5/6,NFR 5.0 Encoded IIS Attack Detection Evasion |