JVN#67060882
sISAPILocation vulnerability bypasses HTTP header rewrite function
Overview
sISAPILocation, an ISAPI (Internet Server Application Program Interface) filter, contains a vulnerability that allows the HTTP header rewrite function to be bypassed.
Products Affected
- sISAPILocation Ver1.0.2.1 and earlier
Description
sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS (Internet Information Services). sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed.
Impact
When sISAPILocation is used to configure settings, such as to specify character encoding or to set the secure flag for cookies, such settings could be bypassed.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Workarounds
Do not use the Keep-Alive feature on IIS until update is completed.
Vendor Status
| Vendor | Link |
| Tomoki Sanaki |
sISAPILocation (in Japanese) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2008.11.06
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | Routed - can be attacked over the Internet using packets |
|
| Authentication | None - anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | None - the vulnerability can be exploited without an honest user taking any action |
|
| Exploit Complexity | Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) |
|
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2008-000076 |