Difference between revisions of "WAF 340614"

From Atomicorp Wiki
Jump to: navigation, search
m
m
Line 15: Line 15:
 
This can be triggered if an application legitimately uses  
 
This can be triggered if an application legitimately uses  
  
It recommended that you report this as a false positive so our security team can determine if this is a legitimate case, or if its clever attack on your systems.  Instructions to report false positives are details on the [[Reporting False Positives]] wiki page.
+
It recommended that you report this as a false positive so our security team can determine if this is a legitimate case, or if its clever attack on your systems.  Instructions to report false positives are detailed on the [[Reporting False Positives]] wiki page.
  
 
'''Similar Rules'''
 
'''Similar Rules'''

Revision as of 18:43, 25 November 2009

Rule ID

340614

Alert Message

Atomicorp.com WAF Rules: Invalid character in ARGS

Description

This rule checks for the NULL character in any Argument or Argument name, except in special cases where it is known that this will occur safely. NULLs can be used to bypass certain security checks and are often used as part of evasion attacks on web application firewalls.

False Positives

This can be triggered if an application legitimately uses

It recommended that you report this as a false positive so our security team can determine if this is a legitimate case, or if its clever attack on your systems. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules

WAF_340613

Outside References

Personal tools