NETGEAR FVS318 Router HEX Encoded Character Filter Bypass

2005-01-17T12:24:42
ID OSVDB:13011
Type osvdb
Reporter SecuriNews Research()
Modified 2005-01-17T12:24:42

Description

Vulnerability Description

FVS318 router contains a flaw that may allow a malicious user to bypass URL filtering. The issue is triggered when one or more characters in the URL are HEX encoded. It is possible that the flaw may allow a user to access filtered URL phrases resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

FVS318 router contains a flaw that may allow a malicious user to bypass URL filtering. The issue is triggered when one or more characters in the URL are HEX encoded. It is possible that the flaw may allow a user to access filtered URL phrases resulting in a loss of integrity.

References:

Vendor URL: http://www.netgear.com Security Tracker: 1012913 Secunia Advisory ID:13787 Related OSVDB ID: 13012 Other Advisory URL: http://www.securinews.com/vuln.htm?vulnid=103 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-01/0190.html CVE-2005-0290