Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers – is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

TWSL2011-006: IBM Web Application Firewall Bypass

The SpiderLabs team at Trustwave published a new advisory today, which details an issue identified in the IBM Web Application Firewall (WAF). The IBM Web Application Firewall capabilities, inside IBM IPS products, complement IBM Security's portfolio of web application security offerings to deliver end-to-end Web application security solutions. The issue in question was discovered while a penetration test was being performed for a Trustwave client.

The bypass was discovered by Wendel Guglielmetti Henrique, who is a member of the SpiderLabs Network Penetration Testing team. Wendel discovered a method which allowed him to bypass the IBM WAF and perform a SQL injection attack on a vulnerble web server. IBM was very responsive in creating a fix to this issue, and has released a correction in the June "Super Tuesday" patch release.

For further details, please view the full advisory at the following address:

https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt

Additionally, further information can also be viewed in the following links:

http://www.iss.net/security_center/reference/vuln/HTTP_Parameter_Abuse.htm http://xforce.iss.net/xforce/xfdb/67178

Recent SpiderLabs Blog Posts