3COM-07-001
TippingPoint™ IPS Unicode Evasion

May 14, 2007

CVE ID:
Not yet assigned.

Affected Vendor:
3Com TippingPoint

Affected Products:
TippingPoint IPS

Severity Assessment:
Medium

Vulnerability Details:
3Com has identified an evasion in the TippingPoint IPS product. This evasion may allow remote attackers to bypass detection of some types of malicious web traffic on affected installations.

An attacker can bypass some application security controls by sending data encoded as Fullwidth and Halfwidth Unicode characters with the HTTP POST method.
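The evasion class described above can be closed on the inspection side by folding width variants before signature matching. The following is an added example, not code from 3Com or TippingPoint: the signature list, the function names and the sample bodies are constructed for illustration, and it assumes a UTF-8, form-urlencoded POST body.

```python
import unicodedata
from urllib.parse import parse_qsl, quote

# Hypothetical signatures for illustration only; not a vendor rule set.
SIGNATURES = ("<script", "../")


def fold_width(text: str) -> str:
    """NFKC maps Halfwidth and Fullwidth Forms (U+FF00-U+FFEF) to their
    ordinary equivalents, e.g. U+FF1C FULLWIDTH LESS-THAN SIGN -> '<'."""
    return unicodedata.normalize("NFKC", text)


def inspect_post_body(body: bytes, charset: str = "utf-8") -> list:
    """Match signatures against each form field after width folding.

    width_encoded is True when the signature is only visible after folding,
    i.e. a matcher working on the raw decoded value would have missed it.
    """
    findings = []
    fields = parse_qsl(body.decode("ascii", errors="replace"),
                       keep_blank_values=True, encoding=charset,
                       errors="replace")
    for name, value in fields:
        raw = value.lower()
        folded = fold_width(value).lower()
        for sig in SIGNATURES:
            if sig in folded:
                findings.append({"param": name, "signature": sig,
                                 "width_encoded": sig not in raw})
    return findings


# Constructed sample bodies (application/x-www-form-urlencoded).
PLAIN_BODY = b"comment=%3Cscript%3E"
WIDE_BODY = ("comment=" + quote(
    "\uff1c\uff53\uff43\uff52\uff49\uff50\uff54\uff1e")).encode("ascii")
BENIGN_BODY = b"comment=hello+world"

if __name__ == "__main__":
    for body in (PLAIN_BODY, WIDE_BODY, BENIGN_BODY):
        print(body, inspect_post_body(body))
```

The `width_encoded` flag is useful as a detection signal in its own right, since legitimate form input rarely spells markup or path sequences in width variants.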

Update Availability:
This issue has been addressed in all TippingPoint Digital Vaccines since DV 7287. Customers can obtain the update through TippingPoint's Threat Management Center by downloading the latest Digital Vaccine.

Workarounds:
There are currently no known workarounds for this issue.

Credit:
This issue was reported by Fatih Ozavci and Caglar Cakici of Gamasec Security through the US CERT.

Support:
Technical support is available by contacting TippingPoint Technical Support at 866-681-8324.