Short Name |
HTTP:AUDIT:LENGTH-OVER-8192 |
---|---|
Severity |
Major |
Recommended |
No |
Category |
HTTP |
Keywords |
URL Length Over 8192 Bytes |
Release Date |
2009/01/16 |
Update Number |
1352 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This protocol anomaly triggers when it detects an HTTP URL that exceeds 8192 bytes in length. While fairly rare, this is not necessarily an indication of an attack.
The Macromedia JRun IIS ISAPI handler is prone to a remotely exploitable buffer overrun condition. The issue is due to a lack of bounds checking on requested filenames. It is possible to trigger the overrun if a filename of excessive length is requested. This vulnerability has been reported to affect Microsoft Windows operating systems. Other platforms may not be affected by this issue.