Difference between revisions of "WAF 300114"

From Atomicorp Wiki
Jump to: navigation, search
m
m
 
(One intermediate revision by one user not shown)
Line 7: Line 7:
 
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected
 
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected
  
HTTP Smuggling Attack.
 
  
 
'''Description'''   
 
'''Description'''   
  
This rule detects if Content-Length and Content-Encoding chunked or identity type headers are set on a request.  There is no legitimate traffic that uses this method, this is an attack.
+
This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request.  There is no legitimate traffic that uses this method, this is an attack.
  
 
'''False Positives'''
 
'''False Positives'''
Line 21: Line 20:
 
'''Similar Rules'''
 
'''Similar Rules'''
  
[[WAF_340113]]
+
[[WAF_300113]]
  
[[WAF_340112]]
+
[[WAF_300112]]
  
[[WAF_340111]]
+
[[WAF_300111]]
  
 
'''Outside References'''
 
'''Outside References'''

Latest revision as of 13:59, 1 August 2024

Rule ID

300114

Alert Message

Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected


Description

This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request. There is no legitimate traffic that uses this method, this is an attack.

False Positives

There are no known False Positives for this.

If you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules

WAF_300113

WAF_300112

WAF_300111

Outside References

Personal tools