Short Name |
HTTP:AUDIT:FW1-SCHEME-OF |
---|---|
Severity |
Info |
Recommended |
No |
Category |
HTTP |
Keywords |
CheckPoint AI/SD Scheme Overflow |
Release Date |
2004/02/25 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the CheckPoint AI/Smart Defense HTTP proxy engine. Attackers can send an overly long scheme to crash the proxy engine, creating a denial of service (DoS) or enabling the attackers to take control of the firewall as root. False positives can occur when Web servers use the ":" character in file names beyond the 13th character of the path.
Problems in the handling of some types of HTTP requests from remote users have been identified in Check Point Firewall-1 HTTP Application Intelligence and HTTP Security Server. Because of this, it is possible for a remote attacker to gain unauthorized access to a vulnerable system with administrative privileges.