Imperva Security Response for VU#739224
Comments: Initial Version
The U.S. Computer Emergency Response Team (US-CERT) has reported a Web attack evasion technique using full-width and half-width Unicode characters intended to evade inspection by IDS/IPS/WAF security products.
The full US-CERT advisory is posted at the following URL: http://www.kb.cert.org/vuls/id/739224
By default, SecureSphere HTTP protocol validation will detect attempts at using this evasion technique and either block or alert according to policy.
For those users requiring use of this encoding format, Imperva released a security update via the ADC security update service on May 10, 2007. This update is available to customers with current product maintenance for SecureSphere. Interested customers should contact Imperva support (firstname.lastname@example.org) for assistance in implementing and configuring the update.