Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:OVERFLOW:AUTHORIZATION |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
HTTP |
Release Date |
2004/02/12 |
Update Number |
1213 |
Supported Platforms |
srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+ |
HTTP: Authorization Overflow
This protocol anomaly triggers when an HTTP authorization header exceeds the user-defined maximum. The default length is 1024 bytes; you can change this setting in the Sensor Settings Rulebase>Protocol Thresholds and Configuration>HTTP>Maximum Authorization Length.
Extended Description
Receiving such a message may indicate an attack attempt. The impact depends on how an HTTP server handles such a malformed message.
References
- BugTraq: 99569
- BugTraq: 37896
- BugTraq: 8375
- BugTraq: 9633
- CVE: CVE-2008-2234
- CVE: CVE-2017-9788
- CVE: CVE-2003-0727
- CVE: CVE-2010-0387
- CVE: CVE-2009-0183
- CVE: CVE-2005-1935
- URL: http://www.kb.cert.org/vuls/id/216324
- URL: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
- URL: http://www.ietf.org/rfc/rfc3548.txt
- URL: http://www.faqs.org/rfcs/rfc2617.html
- URL: http://www.us-cert.gov/cas/techalerts/TA04-041A.html
- URL: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8