Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:INVALID:GZIP-TRANSACTION |
|---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Release Date |
2016/06/23 |
Update Number |
2747 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Invalid GZIP Transaction
This anomaly is triggered if a mismatch is detected between the indicated value "gzip" in the Content-encoding header and the actual data. The type of payload should start from the pattern "1f 8b" and if it doesn't, it may be an attempt by malware to obfuscate the payload and it will be detected by this anomaly.
References
- CVE: CVE-2004-0797