Signature Detail

Short Name	HTTP:INVALID:INVLD-AUTH-CHAR
Severity	High
Recommended	No
Category	HTTP
Release Date	2004/01/23
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Invalid Auth Character

This protocol anomaly detects an HTTP header with an authorization string that contains an invalid character. The authorization line is decoded using base64.

Extended Description

An authorization string containing an invalid character is a protocol anomaly and should be detected.

References

URL: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
URL: http://www.ietf.org/rfc/rfc3548.txt
URL: http://www.faqs.org/rfcs/rfc2617.html

Signature Detail

Short Name

Severity

Recommended

Category

Release Date

Update Number

Supported Platforms

HTTP: Invalid Auth Character

Extended Description

References