TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1033
slash(/)star(*) . Attacker uses this techniques to ignore the embedded MySQL Statement on the server machine. By this
attacker can bypass database validations on the victim machine. Successful attacker gains admin access on the affected
system.
Signature ID: 37006
Classical SQL Injection with MySQL Comments and Tautology conditions
Threat Level: Severe
Signature Description: This Rule hits when classical sql injection pattern like a’ or 1=1 and MySQL Comment
Statement # detected in the http request argument value. An attacker bypass authentication validations using this
technique. Successful attacker gains the admin access on the affected system.
Signature ID: 37007
Classical SQL Injection with MySQL Comments
Threat Level: Severe
Signature Description: This rule hits when http request argument consists of pattern like abc’ or 1=1 with
slash(/) and with star(*) MySQL Comments. An attacker bypass authentication validations using this technique.
Successful attacker gains the admin access on the affected system.
Signature ID: 37008
SQL Injection with UPDATE SQL Statement
Threat Level: Severe
Signature Description: This rule hits when http request argument consists of pattern like abc' UPDATE.SQL Statement
UPDATE is used to Modify the SQL database tables. An attacker updates the common databases tables like users by
inserting SQL Statement UPDATE with a string. If the attack is Successful then the attacker gains the admin access on
the affected system.
Signature ID: 37009
SQL Injection with DROP SQL Statement
Threat Level: Severe
Signature Description: This Rule hits when SQL Drop Statement exists in the http request argument value. This SQL
Statement is used to Delete SQL Database tables. Attacker injects this SQL statement to Delete tables on the victim
machine.
Signature ID: 37010
SQL Injection with INSERT SQL Statement
Threat Level: Severe
Signature Description: This Rule hits when SQL INSERT Statement exists in the http request argument value. This
SQL Statement is used to Insert new records into the SQL Database tables. Attacker injects this SQL statement to Insert
his records into the tables on the victim machine.
Signature ID: 37011
SQL Injection with DELETE SQL Statement
Threat Level: Severe
Signature Description: This Rule hits when SQL DELETE Statement exists in the http request argument value. This
SQL Statement is used to delete a record from the SQL Database tables. Attacker injects this SQL statement to delete a
record from the tables on the victim machine