HTTP.ContentEncoding.Deflate.Spoofing
Description
This indicates detection of an HTTP packet with malformed deflate compression.
The HTTP Content-Encoding header indicates the compression is based on the deflate algorithm, but the first segment does not conform to the algorithm.
Affected Products
Any unprotected system is vulnerable to the attack.
Impact
This may indicate an attempted probe or attack.
Recommended Actions
The signature can be enabled to block this traffic.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |