CVE-2011-3140

Currently unrated

Key Information:

Vendor: IBM
Status: Web Application Firewall; G400 Ips-g400-ib-1 Appliance; Gx4004 Ips-gx4004-ib-2 Appliance
Vendor: CVE Published:; 15 August 2011

Summary

IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple iid parameters and then sent to a .aspx file on an IIS web server.

References

https://www.trustwave.com/spiderlabs/advisories/TWSL2011-...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/67178

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/8339

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Aug 15, 2011
Vulnerability Reserved
Aug 15, 2011