Imperva SecureSphere Web Application Firewall and Database Firewall Security Bypass Vulnerability
BID:39472
Info
| Bugtraq ID: | 39472 |
| Class: | Design Error |
| CVE: | CVE-2010-1329 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 14 2010 12:00AM |
| Updated: | Apr 14 2010 12:00AM |
| Credit: | Scott Miles and Greag Johnson, Clear Skies Security |
| Vulnerable: |
Imperva SecureSphere Web Application Firewall 7.0 .7078 on XOS 8.5.3
Imperva SecureSphere Web Application Firewall 6.2 .6442
Imperva SecureSphere Web Application Firewall 6.0.6 .6302
Imperva SecureSphere Web Application Firewall 6.0.6 .6274
Imperva SecureSphere Web Application Firewall 6.0.5 .6238
Imperva SecureSphere Web Application Firewall 6.0.5 .6230
Imperva SecureSphere Web Application Firewall 6.0.4 .6128 on XOS 8.0/5
Imperva SecureSphere Web Application Firewall 6.0.4 .6128
Imperva SecureSphere Web Application Firewall 5.0 .5082
Imperva SecureSphere Web Application Firewall 7.0.0.7078
Imperva SecureSphere Web Application Firewall 7.0.0.7061
Imperva SecureSphere Web Application Firewall 6.2.0.6463
Imperva SecureSphere MX Management Server and Gateway 6.0
Imperva SecureSphere MX Management Server 5.x
Imperva SecureSphere MX Management Server 5.0
Imperva SecureSphere Database Firewall 7.0 .7078 on XOS 8.5.3
Imperva SecureSphere Database Firewall 7.0 .7078
Imperva SecureSphere Database Firewall 7.0 .7061
Imperva SecureSphere Database Firewall 6.2 .6463
Imperva SecureSphere Database Firewall 6.2 .6442
Imperva SecureSphere Database Firewall 6.0.6 .6302
Imperva SecureSphere Database Firewall 6.0.6 .6274
Imperva SecureSphere Database Firewall 6.0.5 .6238
Imperva SecureSphere Database Firewall 6.0.5 .6230
Imperva SecureSphere Database Firewall 6.0.4 .6128 on XOS 8.0/5
Imperva SecureSphere Database Firewall 6.0.4 .6128
Imperva SecureSphere Database Firewall 5.0 .5082 |
| Not Vulnerable: | |
Discussion
Imperva SecureSphere Web Application Firewall and Database Firewall are prone to a security-bypass vulnerability.
An attacker can exploit this issue to bypass firewall restrictions. Successful exploits may lead to other attacks.
Exploit / POC
Attackers can use readily available utilities to exploit this issue.
Solution / Fix
Solution:
Updates are available. Please see the references for details.
References
References:
- Imperva Security Response for CVE-2010-1329 (Imperva)
- Vendor Homepage (Imperva)
- Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vuln (Clear Skies Security)