how a attacker abuse from abort_invalid_hex option in snort? for example if he send invalid hex (%0J) what happen ? do web server accept it?
Yes, some webservers do accept it. It could be abused to circumvent input filtering, thwart IDS, obfuscate urls etc. http://www.securityfocus.com/bid/886/discussion/
Oliver's Law: Experience is something you don't get until just after you need it.
Forum Rules