CVE-2007-3701

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.
Configurations

Configuration 1

cpe:2.3:a:tippingpoint:tipping_point:400:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:1200:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:50:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:5000e:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:2400e:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:sms:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:zpha:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:x505:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:1200e:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:200e:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:x506:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:200:*:*:*:*:*:*:*
cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*
cpe:2.3:a:tippingpoint:tipping_point:600e:*:*:*:*:*:*:*

Information

Published : 2007-07-11 11:30

Updated : 2018-10-15 09:29


NVD link : CVE-2007-3701

Mitre link : CVE-2007-3701

Products Affected
No products.
CWE