Signature Detail

Short Name	SMTP:OVERFLOW:FILENAME
Severity	High
Recommended	No
Category	SMTP
Release Date	2003/04/22
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Attachment Filename Overflow

This protocol anomaly detects an SMTP content-disposition filename that exceeds the user-defined maximum. The default number of bytes in a content-disposition filename is 128; you can change this setting in the Sensor Settings Rulebase>Protocol Thresholds and Configuration>SMTP>Maximum length of the value for content-disposition's filename attribute.

Extended Description

The default size of a Content-Disposition file name is 128 bytes. An SMTP Content-Disposition file name that exceeds the user-defined maximum length is a protocol anomaly and should be detected.

References

URL: http://www.faqs.org/rfcs/rfc2821.html
URL: http://www.faqs.org/rfcs/rfc1521.html

Signature Detail

Short Name

Severity

Recommended

Category

Release Date

Update Number

Supported Platforms

SMTP: Attachment Filename Overflow

Extended Description

References