Guest

Preview Tool

Cisco Bug: CSCtc14500 - WAP3-6.1: REQUEST_URL_PATH doesn't match custom rule/signature

Last Modified

Feb 10, 2014

Products (2)

  • Cisco ACE XML Gateways
  • Cisco ACE XML Gateway

Known Affected Releases

6.1

Description (partial)

Symptom:
The message with attack vector is not blocked.
Conditions:
1. There are both case sensitive and case insensitive signatures.
2. The case sensitive signature match partially to attack vector.

For example:
There is case sensitive signature: \WtestSig2\W
and case insensitive: \WtestSig1\W

The attack vector "!testSig1! will not be blocked, since last "!" matches partially to "\WtestSig2\W" and signature "\WtestSig1\W" will not being checked.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.