| Short Name | HTTP:OVERFLOW:AUTH-OVERFLOW |
|---|---|
| Severity | Major |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | Authorization Header Overflow |
| Release Date | 2010/04/27 |
| Update Number | 1668 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects an overly long HTTP "Authorization" header field value. Such a value is most likely an attempt to exploit a buffer overflow condition in a Web server.

In a paper titled "Variations in exploit methods between Linux and Windows", presented at Black Hat 2003, David Litchfield illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB). Successful exploits may allow remote attackers to run arbitrary code in the security context of the vulnerable service.