J-Security Center

Title: eEye Digital Security SecureIIS Possible Information Leakage Vulnerability

Severity: HIGH

Description:

SecureIIS is an application firewall by eEye Digital Security. It is designed to protect a host running Microsoft IIS from numerous remote attacks such as buffer overflows, directory traversal attacks and format string bugs.

It has been reported that SecureIIS exhibits strange behaviour when it receives large requests (composed of several thousand characters). One of the behaviours reportedly observed is the disclosure of internal memory on error pages returned in response to such excessive requests. The original report stated that in one instance, information about the configuration was disclosed to the attacker sending the request.

The disclosure of this information may be a threat. Information about the configuration of the server and SecureIIS may assist in further and more 'intelligent' attacks against the server and network. Additionally, if a buffer overflow type condition exists, there may be other ways to exploit this vulnerability with more serious consequences.
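Because the trigger described above is an unusually long request answered with an error page, a defender can look for exactly that pattern in the IIS W3C logs of a host protected by SecureIIS. The script below is an added example, not code from the advisory or from eEye or Juniper: it parses constructed W3C log lines using the `#Fields` directive and flags requests whose URI stem plus query string exceeds a length threshold and that ended in a 4xx/5xx status. The 4,000-character threshold is an assumption chosen to match the advisory's "several thousand characters", and the log lines and the short field list are constructed for the example.

```python
"""Flag oversized requests that ended in an error response in IIS W3C logs.

Added example (not from the advisory, eEye or Juniper). The sample log lines
are constructed; the length threshold is an assumption.
"""
from dataclasses import dataclass

# Assumption: a stem+query of this many characters counts as a "large" request.
LONG_REQUEST_THRESHOLD = 4000


@dataclass
class Finding:
    time: str
    client: str
    status: int
    request_length: int
    stem_prefix: str  # first 40 characters of the stem, enough to identify the hit


def parse_w3c(lines):
    """Yield one dict per record, naming columns from the #Fields directive.

    W3C extended logs are space separated; spaces inside values are written
    as '+', so a plain split on ' ' is safe.
    """
    fields = None
    for raw in lines:
        line = raw.rstrip("\n")
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
            continue
        if line.startswith("#"):
            continue  # other directives (#Software, #Date, ...)
        if fields is None:
            raise ValueError("log record seen before any #Fields directive")
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed record; skip rather than guess at columns
        yield dict(zip(fields, values))


def find_long_error_requests(lines, threshold=LONG_REQUEST_THRESHOLD):
    """Return Findings for records that are both oversized and answered with an error."""
    findings = []
    for rec in parse_w3c(lines):
        stem = rec.get("cs-uri-stem", "-")
        query = rec.get("cs-uri-query", "-")
        length = len(stem) + (0 if query == "-" else len(query))
        try:
            status = int(rec.get("sc-status", "0"))
        except ValueError:
            continue
        if length >= threshold and status >= 400:
            findings.append(Finding(rec.get("time", "-"), rec.get("c-ip", "-"),
                                    status, length, stem[:40]))
    return findings


# Constructed sample log: an ordinary hit, an oversized request answered with a
# server error (flagged), an oversized request that succeeded (not flagged) and a
# short request that produced a 404 (not flagged).
SAMPLE_LOG = [
    "#Software: Microsoft Internet Information Services",
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2001-01-01 10:00:00 192.0.2.10 GET /index.htm - 200",
    "2001-01-01 10:00:01 192.0.2.10 GET /" + "A" * 5000 + " - 500",
    "2001-01-01 10:00:02 192.0.2.11 GET /search.asp q=" + "B" * 4500 + " 200",
    "2001-01-01 10:00:03 192.0.2.12 GET /missing.htm - 404",
]

if __name__ == "__main__":
    for finding in find_long_error_requests(SAMPLE_LOG):
        print(finding)
```

Only the combination of length and error status is reported; a long request that the server answered normally is not by itself evidence of the behaviour described, and a short request that errored is routine. Tune the threshold to the field set and traffic of the site being monitored.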

It is not known why this occurs, and it does not yet appear to be consistently reproducible.

Further information is forthcoming.

Affected Products:

  • eEye Digital Security SecureIIS 1.0.2

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.