Not able to attach DOC/excel in F5 ver 11.3 ASM Blocking mode
Hello ,
I am not able to attach DOC/excel in F5 ver 11.3 ASM Blocking mode.
My Requirement : When i un-check the Block option from the below parameter i am able to attach even xip,exe extn and when i check the Block option for below parameters it is blocking DOC/word as well.
Please provide the necessary help !
***Following is the error details
-Null in multi-part parameter value Error Yes Yes Yes* **
G..e.n..e..r.a..l. .I.n..f.o..r.m...a.t..io..n.......................................................................................... Requested URL: [HTTPS] /owa/ Security Policy: Exchange_httpclass Source IP Address: 86.98.49.x:61018 Source IP Address Intelligence: N/A Destination IP Address: 192.168.1.xx:443 Geolocation: United Arab Emirates Time: 2013-10-29 08:58:16 Request Status: Blocked, Truncated Severity: Error Response Status Code: N/A Attack Types: Buffer Overflow Username: N/A Session ID: 62d1860c911c432b
A..t.t.a..c.k.. .T..y.p..e..s.................................................................................................... Buffer Overflow Buffer Overflow could be triggered when data written to memory exceeds the allocated size of the buffer for that data. This could lead to the Denial of Service or arbitrary code execution.
.V..io..l.a..t.i.o..n..s........................................................................................................ Null in multi-part parameter value Description The system checks that the multi-part request has a parameter value that does not contain the NULL character (0x00). If a multipart parameter with binary content type contains NULL in its value, the enforcer issues this violation. The exceptions to this are: - If that parameter is configured in the policy as "Ignore value". - If that parameter is configured in the security policy as "user-input file upload". - If the parameter has a content-type that contains the string 'XML' and the parameter value contains a valid UTF16 encoded XML document (the encoding is valid). In this case NULL is allowed as it is part of the UTF16 encoding. Details Parameter Level: Global
Regards, Akber Mirza.