HTTP: Unexpected Character in URL
This anomaly triggers if it detects unexpected characters (Space,Tab in a URL after the first found space or NULL character in request line). Detection of these extra characters can indicate the URL contains a malicious shell code that can cause damage to your system.
References
CVE: CVE-2015-2080
URL: ftp://ftp.rfc-editor.org/in-notes/rfc1738.txt http://www.microsoft.com/technet/security/advisory/912840.mspx http://wvware.sourceforge.net/caolan/ora-wmf.html http://blogs.technet.com/b/srd/archive/2013/10/08/ms13-080-addresses-two-vulnerabilities-under-limited-targeted-attacks.aspx http://jsunpack.jeek.org/?report=847afb154a4e876d61f93404842d9a1b93a774fb
Short Name
HTTP:INVALID:UNEXPECTCHAR
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2006-5112 CVE-2009-4819 CVE-2014-3978 CVE-2014-9305 CVE-2015-2080 bid:20250 bid:2306 character shellcode unexpected
Release Date
11/07/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3723
False Positive
Rarely
CVSS Score
7.5
6.5
6.8
5.0