📄 119-13.txt
字号:
Rule: --Sid: 119-13-- Summary: This event is generated when the pre-processor http_inspectdetects network traffic that may constitute an attack.-- Impact: Unknown.--Detailed Information:This event is generated when the http_inspect pre-processor detects theuse of a newline "\n" character as a delimeter. This is non-standard butis accepted by both Apache and IIS web servers.--Affected Systems: All web servers--Attack Scenarios: An attacker may supply the newline character as the delimeter in a webrequest.-- Ease of Attack: Simple.-- False Positives:None Known.--False Negatives:None Known.-- Corrective Action:Check the target host for signs of compromise.Apply any appropriate vendor supplied patches.--Contributors:Daniel Roelker <droelker@sourcefire.com> Sourcefire Vulnerability Research TeamNigel Houghton <nigel.houghton@sourcefire.com>-- Additional References:HTTP IDS Evasions Revisited - Daniel Roelkerhttp://docs.idsresearch.org/http_ids_evasions.pdf--⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -