Security #1364

Updated by Victor Julien over 9 years ago

A logic error in MemcmpLowercase excluded the first byte from the compare. This can lead to FN/FP issues for all users of this function. 

Affected:
- HTTP multipart parsing might get confused, so file matching and extraction can fail
- http_header keyword won't inspect specific headers:
  - with name Xookie (where X can be any byte but 'c'/'C')
  - with name Xet-cookie (where X can be any byte but 's'/'S')
- fileext keyword can be bypassed
- FTP 'ftpbounce' keyword may be bypassed
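The first-byte skip described above, as an added illustration (this is not Suricata's MemcmpLowercase; both functions below are hypothetical reconstructions of the bug and its fix) showing why a header named Xookie compares equal to the lowercase pattern "cookie" when the compare loop starts at index 1, and how the corrected loop rejects it:

```c
#include <assert.h>
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Both variants compare `len` bytes of s1 (a pattern that is already
 * lowercase) against s2 case-insensitively and return 0 on match,
 * 1 on mismatch, memcmp-style. Hypothetical reconstructions, not
 * Suricata's code. */

/* Buggy variant: the loop starts at index 1, so byte 0 of the input is
 * never looked at and any first byte is accepted. */
static int memcmp_lowercase_buggy(const uint8_t *s1, const uint8_t *s2, size_t len)
{
    for (size_t i = 1; i < len; i++) {
        if (s1[i] != (uint8_t)tolower(s2[i]))
            return 1;
    }
    return 0;
}

/* Fixed variant: every byte, including the first, takes part in the compare. */
static int memcmp_lowercase_fixed(const uint8_t *s1, const uint8_t *s2, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (s1[i] != (uint8_t)tolower(s2[i]))
            return 1;
    }
    return 0;
}

typedef int (*lcmp_fn)(const uint8_t *, const uint8_t *, size_t);

/* Does header name `name` match lowercase pattern `pat` under `cmp`?
 * Returns 1 for a match, 0 otherwise; lengths must agree first. */
static int header_name_matches(lcmp_fn cmp, const char *pat, const char *name)
{
    size_t plen = strlen(pat);
    if (plen != strlen(name))
        return 0;
    return cmp((const uint8_t *)pat, (const uint8_t *)name, plen) == 0;
}

int main(void)
{
    /* Constructed inputs: the bug lets "Xookie" pass as "cookie". */
    assert(header_name_matches(memcmp_lowercase_buggy, "cookie", "Xookie") == 1);
    assert(header_name_matches(memcmp_lowercase_fixed, "cookie", "Xookie") == 0);
    assert(header_name_matches(memcmp_lowercase_fixed, "cookie", "Cookie") == 1);
    return 0;
}
```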
