Signature Detail
Short Name |
HTTP:HTTP-INVALID-PORT-VALUE |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Invalid Port Value in Host Header |
Release Date |
2013/07/22 |
Update Number |
2283 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Invalid Port Value in Host Header
This signature detects invalid values for the optional port value in an HTTP Host: header. There are several products vulnerable to such malformed submissions. A successful attempt could result in arbitrary code execution or denial-of-service condition.
References
- CVE: CVE-2013-4123