Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unicode Encoding Flaw Widespread

Posted by kdawson on from the sneaking-past-the-IDS dept.

LordNikon writes "According to this CERT advisory: 'Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system.' A proof of concept affecting IIS is already being posted to security mailing lists. Cisco IPS and other IDS products are also affected." The CERT advisory lists 93 systems, with 6 reported as vulnerable (including 3com, Cisco, and Snort), 5 known not vulnerable (including Apple and HP), and the rest unknown.

6 of 184 comments (clear)

  1. Re:Send your claim in now by QuantumG · · Score: 4, Funny

    IIS 6 hasn't had a public remotely exploitable bug in it. Ever. That's bullshit anyway, I've got dozens of remote exploits for IIS 6.

    Oh, you said public.. hehe, forget I said anything.
    --
    How we know is more important than what we know.
  2. Smelly foreigners by Anonymous Coward · · Score: 0, Funny

    Who needs Unicode anyway? ASCII is good enough for most civilized people. If you can't sufficiently Romanize your language, maybe it's time to just let it die?

    1. Re:Smelly foreigners by ettlz · · Score: 5, Funny

      To think that English doesn't fit in 7-bit ASCII is na\"ive.

    2. Re:Smelly foreigners by Hognoxious · · Score: 2, Funny

      There are no accent marks in English.
      è is sometimes used to indicate that the e in a past participle is pronounced, eg learnèd (rhymes with Bernard) as opposed to learned (rhymes with burned).

      When loan words with accent marks come into English, the accent marks are dropped.
      The umlaut in naïve is retained to indicate that it doesn't rhyme with glaive.

      Loan words that have been in English long enough even tend to have their pronunciations and/or spellings Anglicized.
      Yes, that's why I'm posting from an internet caffay.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  3. Re:Apple and HP? by Gadget_Guy · · Score: 2, Funny

    Ooh, poor old BSD sounds really sick there. I hope that it doesn't die!

  4. Re:Hmmmm.... by Anonymous Coward · · Score: 2, Funny

    4) You are an idiot
    5) You are an asshole