Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems.
Check out the CERT Vuln Note for status of IPS/IDS vendors.
http://www.kb.cert.org/vuls/id/739224
No comments:
Post a Comment