Signature Detail
Short Name |
HTTP:DIR:TRAVERSE-DIRECTORY |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
HTTP |
Release Date |
2003/08/27 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Directory Traversal
This protocol anomaly triggers when it detects an HTTP directory traversal attempt, i.e. /../ or /./. This can indicate an attempt to evade an IDS (IDP is not vulnerable). Note that some Web sites refer to directories in a way that looks like a traversal.
Extended Description
An HTTP request that contains a parent directory string could indicate an attempt to perform an unauthorized directory traversal is underway.
References
- BugTraq: 68849
- BugTraq: 46880
- BugTraq: 5434
- BugTraq: 2218
- BugTraq: 49097
- CVE: CVE-2005-2020
- CVE: CVE-2014-4249
- CVE: CVE-2014-0780
- CVE: CVE-2011-4878
- CVE: CVE-2012-0419
- CVE: CVE-1999-0229
- CVE: CVE-2002-0661
- CVE: CVE-2008-1145
- CVE: CVE-2011-0751
- URL: http://www.imperva.com/application_defense_center/glossary/directory_traversal.html