Difference between revisions of "WAF 340152"

From Atomicorp Wiki
(Created page with ''''Rule ID''' 340152 '''Alert Message''' Request Body Parsing Failed. <ERROR MESSAGE FOR YOUR SYSTEM>: check your application or client for errors, this is not a false posi…')
 
m
Line 9: Line 9:
 
'''Description'''   
 
'''Description'''   
  
This is not a triggered rule, but a rule that is triggered by an error in your application or client.  This is not a false positive, it seemly means that your application or client threw an error that the processor detected as invalid.  Check your applicant or client for the cause of this error.
+
This is not a triggered rule, but a rule that is triggered by an error in your application or client.  Typically is is caused when a multipart/request-data parser or XML parser fails to properly parse a request payload.
 +
 
 +
This is not a false positive, it seemly means that your application or client threw an error mean that the multipart message could not be assembled.  Check your applicant or client for the cause of this error.
 +
 
 +
It is not recommended you disable this rule.  Doing so will leave your system open to [[impedance mismatch attacks]]. It is possible, for example, that a payload that cannot be parsed by ModSecurity can be successfully parsed by a more tolerant parser operating in the application. Therefore an attack could be pass through without detection.
  
 
'''False Positives'''
 
'''False Positives'''
  
There are no known False Positives for this.
+
There are no known False Positives for this rule.
  
 
'''Similar Rules'''
 
'''Similar Rules'''
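Review bot: the two added Description paragraphs need a wording pass before this revision stands: "Typically is is caused", "it seemly means", "threw an error mean that", "Check your applicant or client" and "could be pass through" are all typos. The second added paragraph also keeps the old claim that the application or client "threw an error", while the first now says a parser failed on the request payload; state once which component reported the failure.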

Revision as of 15:19, 26 October 2010

Rule ID

340152

Alert Message

Request Body Parsing Failed. <ERROR MESSAGE FOR YOUR SYSTEM>: check your application or client for errors, this is not a false positive.

Description

This is not a normally triggered rule, but a rule that is triggered by an error in your application or client. Typically it is caused when a multipart/request-data parser or XML parser fails to properly parse a request payload.

This is not a false positive; it simply means that your application or client threw an error, meaning that the multipart message could not be assembled. Check your application or client for the cause of this error.

Disabling this rule is not recommended. Doing so will leave your system open to impedance mismatch attacks. It is possible, for example, that a payload that cannot be parsed by ModSecurity can be successfully parsed by a more tolerant parser operating in the application. Therefore an attack could pass through without detection.
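
The mismatch described above, as an added example that is not Atomicorp's or ModSecurity's code: two toy multipart parsers (a strict one standing in for the WAF, a tolerant one standing in for the application) and a hypothetical `waf_decision` function that models the parse-failure rule being enabled or disabled. All function names, the marker string and the sample bodies are constructed for illustration.

```python
import re

class ParseError(Exception):
    pass

def tolerant_parse(body: bytes, boundary: bytes) -> dict:
    """Stand-in for the application's parser: accepts bare LF line endings."""
    fields = {}
    for part in body.replace(b"\r\n", b"\n").split(b"--" + boundary):
        head, sep, value = part.partition(b"\n\n")
        name = re.search(rb'name="([^"]*)"', head)
        if sep and name:
            fields[name.group(1).decode()] = value.rstrip(b"\n").decode()
    return fields

def strict_parse(body: bytes, boundary: bytes) -> dict:
    """Stand-in for the WAF's parser: CRLF only, closing delimiter required."""
    if b"\n" in body.replace(b"\r\n", b""):
        raise ParseError("bare LF line ending")
    if not body.rstrip(b"\r\n").endswith(b"--" + boundary + b"--"):
        raise ParseError("missing closing boundary")
    return tolerant_parse(body, boundary)

def looks_malicious(fields: dict) -> bool:
    # Placeholder inspection: a constructed marker stands in for a rule match.
    return any("BLOCKED-MARKER" in v for v in fields.values())

def waf_decision(body: bytes, boundary: bytes, fail_closed: bool = True) -> str:
    """fail_closed=True models the parse-failure rule enabled, False disabled."""
    try:
        fields = strict_parse(body, boundary)
    except ParseError:
        # The body was never inspected; only fail-closed keeps it from the app.
        return "deny" if fail_closed else "allow"
    return "deny" if looks_malicious(fields) else "allow"

# Constructed sample bodies: identical content, different line endings.
BOUNDARY = b"xyz"
WELL_FORMED = (b'--xyz\r\nContent-Disposition: form-data; name="comment"\r\n'
               b'\r\nBLOCKED-MARKER\r\n--xyz--\r\n')
MALFORMED = WELL_FORMED.replace(b"\r\n", b"\n")

if __name__ == "__main__":
    print("well-formed:", waf_decision(WELL_FORMED, BOUNDARY))
    print("malformed, rule enabled:", waf_decision(MALFORMED, BOUNDARY))
    print("malformed, rule disabled:", waf_decision(MALFORMED, BOUNDARY, False))
    print("application sees:", tolerant_parse(MALFORMED, BOUNDARY))
```

With the rule disabled, the malformed body is allowed without ever being inspected, yet the tolerant parser still recovers the same field the strict parser would have flagged.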

False Positives

There are no known False Positives for this rule.

Similar Rules


Outside References
