Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2001-0669

Published: 30/10/2001 Updated: 18/10/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Secure Intrusion Detection System

Vulnerability Summary

Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort prior to 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote malicious users to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco secure intrusion detection system

iss realsecure network sensor 5.x

iss realsecure network sensor 6.x

iss realsecure server sensor 5.5

iss realsecure server sensor 6.0

snort snort 1.8.1

cisco catalyst 6000 intrusion detection system module

enterasys dragon 4.x

Exploits

Exploit DB: Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion
source: wwwsecurityfocuscom/bid/3292/info The Microsoft IIS web server supports a non-standard method of encoding web requests Because this method is non-standard, intrusion detection systems may not detect attacks encoded using this method This vulnerability only affects intrusion detection systems in environments where '%u' unicode e ...

References

NVD-CWE-Otherhttp://xforce.iss.net/alerts/advise95.phphttp://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtmlhttp://www.kb.cert.org/vuls/id/548515http://www.securityfocus.com/bid/3292http://marc.info/?l=bugtraq&m=99972950200602&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/21100/https://www.kb.cert.org/vuls/id/548515
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook