Intrusion Prevention

HTR.Chunked.TransferEncoding

Description

This indicates detection of an HTR request with chunked transfer encoding, which suggests a possible attempt to exploit a heap overflow vulnerability in Microsoft Internet Information Service (IIS) server.
IIS is a powerful web server that provides a highly reliable, manageable, and scalable Web application infrastructure. IIS chunked encoding allows data chunks of various sizes to be transmitted from web clients to web servers. HTR is a scripting language supported by IIS. There exists a heap overflow vulnerability in the processing of HTR request sessions due to an error in ISAPI extension that implements HTR.

Affected Products

Any unprotected IIS 4.0 and 5.0 system is vulnerable to the attack.

Impact

Attackers can execute arbitrary code on compromised systems.

Recommended Actions

Apply the appropriate patch from Microsoft (Microsoft Security Bulletin MS02-028)

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Detail
2019-05-08	14.609	Sig Added

ID	13099
Created	Sep 11, 2006
Updated	Nov 15, 2021
Risk
CVE ID	CVE-2002-0364
Exploit Prediction Score	93.64%
Default Action	drop
Active
Affected OS	Windows
Affected App	IIS

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

HTR.Chunked.TransferEncoding

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Version Updates

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

HTR.Chunked.TransferEncoding

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Version Updates

Threat Intelligence
Center