HTTP: URL Length Over 8192 Bytes
This protocol anomaly triggers when it detects an HTTP URL that exceeds 8192 bytes in length. While fairly rare, this is not necessarily an indication of an attack.
Extended Description
The Macromedia JRun IIS ISAPI handler is prone to a remotely exploitable buffer overrun condition. The issue is due to a lack of bounds checking on requested filenames. It is possible to trigger the overrun if a filename of excessive length is requested. This vulnerability has been reported to affect Microsoft Windows operating systems. Other platforms may not be affected by this issue.
Affected Products
Macromedia jrun
References
BugTraq: 6122
Short Name
HTTP:AUDIT:LENGTH-OVER-8192
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
8192 Bytes Length Over URL bid:6122
Release Date
01/16/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3577
False Positive
Occasionally
Vendors
Macromedia