ID
VAR-201005-0624
TITLE
Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness
Trust: 0.3
sources:
BID: 40002
DESCRIPTION
Cisco Application Control Engine (ACE) is prone to a security weakness that may allow attackers to obfuscate HTTP server log entries. Attackers can exploit this issue to avoid having client IP addresses logged by servers.
Trust: 0.3
sources:
BID: 40002
AFFECTED PRODUCTS
| vendor: | cisco | model: | ace application control engine module 3.0 a2 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ace appliance a1 | scope: | eq | version: | 4710 | Trust: 0.6 |
| vendor: | cisco | model: | ace appliance | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | ace appliance a3 | scope: | eq | version: | 4710 | Trust: 0.3 |
| vendor: | cisco | model: | ace appliance a2 | scope: | eq | version: | 4710 | Trust: 0.3 |
| vendor: | cisco | model: | ace appliance | scope: | eq | version: | 47100 | Trust: 0.3 |
sources:
BID: 40002
THREAT TYPE
network
Trust: 0.3
sources:
BID: 40002
TYPE
Design Error
Trust: 0.3
sources:
BID: 40002
EXTERNAL IDS
| db: | BID | id: | 40002 | Trust: 0.3 |
sources:
BID: 40002
REFERENCES
| url: | http://www.cisco.com/en/us/products/ps6906/index.html | Trust: 0.3 |
| url: | /archive/1/511169 | Trust: 0.3 |
sources:
BID: 40002
CREDITS
Alexis Tremblay
Trust: 0.3
sources:
BID: 40002
SOURCES
| db: | BID | id: | 40002 |
LAST UPDATE DATE
2022-05-17T02:04:52.342000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 40002 | date: | 2010-05-07T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 40002 | date: | 2010-05-07T00:00:00 |