Check Point Advisories

HTTP Format Sizes (CVE-2007-0774)

Check Point Reference: CPAI-2013-2454
Date Published: 4 Jul 2013
Severity: High
Last Updated: Friday 29 March, 2024
Source: CVE-2007-0774
CVE-2014-0050
Protection Provided by:

Security Gateway
R75 and above

  • R71
  • R70

  • Who is Vulnerable? Web servers
    Vulnerability Description It is good security practice to limit the sizes of different elements in HTTP request and response. This reduces the chance for buffer overruns and limits the size of code that can be inserted into the header.
    Vulnerability DetailsThis protection allows you to configure upper bounds to different elements in the HTTP request and response. You can also impose limits on specific headers using a regular expression to describe the header name. If the inspected HTTP connection contains more than one request, the limits are imposed on each request separately.

    Protection Overview

    This protection can be applied either to all traffic or to specific web servers. When the attack is blocked, users can be informed via a customizable web page.

    Security Gateway R75 / R71 / R70

    1. In the IPS tab, click Protections and find the HTTP Format Sizes protection using the Search tool and Edit the protection's settings.
    2. Install policy on all modules.

    SmartView Tracker will log the following entries:
    Attack Name: HTTP Protocol Inspection
    Attack Information: HTTP Format Sizes

    ×
      Feedback
    This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
    OK