Multiple Novell Content Scanning Systems Full-Width/Half-Width Unicode Scan Bypass Vulnerability

Bugtraq ID:	25568
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Sep 06 2007 12:00AM
Updated:	Sep 06 2007 07:51PM
Credit:	The vendor disclosed this vulnerability.
Vulnerable:	Novell iChain Server 2.3 SP2 Novell iChain Server 2.3 build 269 Novell iChain Server 2.3 Novell BorderManager 3.8 Novell BorderManager 3.9 Novell BorderManager 3.8 SP5 Novell BorderManager 3.8 SP4 2a Novell BorderManager 3.8 SP4 Novell Access Manager 3
Not Vulnerable:	Novell iChain Server 2.3 SP5 Novell BorderManager 3.9 sp1 Novell Access Manager 3 SP1

Multiple Novell Content Scanning Systems Full-Width/Half-Width Unicode Scan Bypass Vulnerability

Novell Access Manager, Novell BorderManager, and Novell iChain are prone to a scan-bypass vulnerability.

An attacker may be able to exploit this issue to send malicious content that will bypass these content-scanning applications. This may result in a false sense of security and potentially aid in further attacks.

Multiple Novell Content Scanning Systems Full-Width/Half-Width Unicode Scan Bypass Vulnerability

An attacker may exploit this issue by distributing maliciously crafted HTTP content.

Multiple Novell Content Scanning Systems Full-Width/Half-Width Unicode Scan Bypass Vulnerability

Solution:
The vendor has released an advisory with updates to address this issue. Please see the referenced advisory for information on obtaining and applying the appropriate updates.

Multiple Novell Content Scanning Systems Full-Width/Half-Width Unicode Scan Bypass Vulnerability

References:

• BorderManager Product Homepage (Novell)
  
• iChain Homepage (Novell)
  
• Security concerns scanning full-width/half-width Unicode encoded traffic (Novell)