Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:AUDIT:UNWISE-CHAR

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 RFC Compliance Audit

Release Date

 2011/10/11

Update Number

 2008

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Unwise Characters in URL


This signature detects "unwise" characters in a URL, as defined by RFC-2396, "Uniform Resource Identifiers (URI): Generic Syntax". These characters may be an indication that SQL injection or other malicious activity may be occurring. It could also be the result of improper or poor web application design. If you are seeing a large number of hits on this signature to confirmed benign web applications, you may need to exempt those web applications until those web applications can be corrected. This is not a false positive, as the web application is failing to adhere to RFC standards.

References

  • URL: http://www.ietf.org/rfc/rfc2396.txt

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out