BugZero found this defect 1992 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
7/19/2023
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
All
Fireware
12.x
12.0.x
12.1.x
12.1
12.1.1
12.1.3
12.10.x
12.2.x
12.3.x
12.4.x
All
If you configure Gateway AV to drop or block password-protected archive files, it will fail to identify password-protected RAR-5 files. Instead, password-protected files are incorrectly allowed through the Firebox.
To block these files with the HTTP proxy, you can specifically block RAR-5 archive files by Body-Content Type. Use these options in the rule: Rule Name: RAR-5 ArchivesPattern match: %0x526172211A070100%* For full instructions, see HTTP Response: Body Content Types In all proxy action types you can configure a Content Type rule to deny RAR files: Rule Name: RAR filesExact Match: application/x-rarAction: Drop To find instructions for each proxy action type, see About Proxy Actions