Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - Unicode Encoding Implementation Flaw Widespread

LordNikon writes: According to CERT "Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system.". Proof of concepts affecting IIS are already being posted to security mailing lists, and Cisco IPS and other IDS products are also affected.

Introducing, the 1010, a one-bit processor. 0 NOP No Operation 1 JMP Jump (address specified by next 2 bits)

Working...