Notified: April 16, 2007 Updated: May 17, 2007
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
See http://www.3com.com/securityalert/alerts/3COM-07-001.html for more details.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 24, 2007
Statement Date: April 20, 2007
Not Affected
No Apple products currently provide this type of IDS/IPS functionality. We are not affected by this evasion technique.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 15, 2007
Affected
Cisco has released a Security Response regarding CERT/CC Vulnerability Note #739224 which has been posted at: http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml The most up-to-date information on all Cisco product security issues may be found at: http://www.cisco.com/go/psirt
We are not aware of further vendor information regarding this vulnerability.
See http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml for more details.
Notified: April 26, 2007 Updated: April 26, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 23, 2007
Not Affected
No EMC product currently provides IDS/IPS functionality.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: August 29, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 22, 2009
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 16, 2007 Updated: June 19, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 17, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: May 24, 2007 Updated: May 24, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 18, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 30, 2007 Updated: May 16, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
See http://www.imperva.com/application_defense_center/papers/cert739224-unicodebypass-051507.html for more details.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 16, 2007
Affected
IBM Internet Security Systems updated its Proventia products to contain this evasion technique on May 8, 2007. The HTTP Post normalization logic has been updated to address an evasion that can occur when parsing Microsoft Unicode syntax. This issue was reported to IBM/ISS by Fatih Ozavci and Caglar Cakici of GamaSec (http://www.gamasec.net/english/gs07-01.html).
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 23, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
See https://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=612970&sliceId=SAL_Public&dialogID=3630614&stateId=1%200%203626677 for more details.
Notified: April 16, 2007 Updated: November 13, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: September 07, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
See https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html for more details.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: August 01, 2007
Affected
Sidewinder G2 and Sidewinder 7.0 Firewall base system: Not Vulnerable Sidewinder G2 and the Sidewinder 7.0 Firewall base system does not have any elements which could be bypassed by this attack. Sidewinder 7.0 IPS premium feature: Vulnerable By design, the Sidewinder 7's IPS subsystem detects attempts to use this evasion technique, as well as other evasive encodings, and will either block or audit as configured. However, due to a software issue this protection can be bypassed. A software update (Sidewinder 7.0.0.02.H02) was released on 7/3/07 to correct this flaw, and is available to all customers with a current support contract. SnapGear: Vulnerable SnapGear products at version 3.1.5 and earlier include a vulnerable version of Snort. This will be corrected in an upcoming release.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 09, 2007 Updated: July 09, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 22, 2007
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 16, 2007
Not Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 22, 2007
Affected
StoneGate IPS version 4.0 and later have a good HTTP client request normalization and therefore can detect HTTP attacks that use this evasion technique. However, Stonesoft StoneGate IPS versions earlier than 4.0 are affected.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 25, 2007
Statement Date: April 19, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 24, 2007
Not Affected
Symantec has tested and verified that none of its products are vulnerable to this issue.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: May 17, 2007
Affected
TippingPoint is dedicated to the security of our customers and a fix has been made available that will ship in all Digital Vaccine's released since DV7280.
We are not aware of further vendor information regarding this vulnerability.
http://www.3com.com/securityalert/alerts/3COM-07-001.html
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: April 16, 2007 Updated: April 16, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.