Difference between revisions of "WAF 340613"
(Created page with ''''Rule ID''' 340613 '''Alert Message''' Atomicorp.com WAF Rules: Invalid character in request or headers '''Description''' This rule checks for the NULL character in a…')
|Line 19:||Line 19:|
Revision as of 18:37, 25 November 2009
Atomicorp.com WAF Rules: Invalid character in request or headers
This rule checks for the NULL character in any URI, Filename, Header name or Header, except for Cookies and special known cases. NULLs can be used to bypass certain security checks and are often used as part of evasion attacks on web application firewalls.
This can be triggered if an application legitimately uses
It recommended that you report this as a false positive so our security team can determine if this is a legitimate case, or if its clever attack on your systems. Instructions to report false positives are details on the Reporting False Positives wiki page.