Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1031103210331034103510361037103810391040
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1034
Signature ID: 37012
SQL Injection with SELECT SQL Statement
Threat Level: Severe
Signature Description: This Rule hits when SQL SELECT Statement exists in the http request argument value. This
SQL Statement is used to view records of the SQL Database tables. Attacker injects this SQL statement to view
database records of the tables on the victim machine.
Signature ID: 37013
SQL Injection with String Terminating Characters
Threat Level: Warning
Industry ID: CVE-2008-2897
Signature Description: This Rule hits when http request argument consists of SQL Injection Meta-Characters found.
Single or double colons are SQL String terminating characters, attacker embeds these characters in the string and
mostly injects his own SQL statements. Successful attack may disclose sensitive information of victim. Or an attacker
can injects his own SQL statements afterwards.
Signature ID: 37014
SQL Injection with SQL AND statement
Threat Level: Severe
Industry ID: CVE-2008-2904 CVE-2008-2918 CVE-2008-2921
Signature Description: This Rule hits when http request argument consists of SQL Injection Conditional joining
Statement AND found. This statement is used to join two SQL Conditions, attacker embeds this Statement in the string
to execute his own SQL Query in Conjunction. Successful attack will execute attacker’s SQL Queries on the
victim machine.
Signature ID: 37015
SQL Query Injection with semicolon Operator
Threat Level: Severe
Signature Description: This rule hits when http request argument consists of SQL query delimiter character semicolon
followed with SQL DROP query , DROP is a SQL DML Statement which is used to delete tables from the database.
Successful attempt leads to admin privileges on the affected system.
Signature ID: 37016
SQL Injection with SQL SELECT Statement
Threat Level: Severe
Industry ID: CVE-2007-0589
Bugtraq: 22246
Signature Description: This rule hits when http request argument consists of SQL SELECT Statement, this statement is
used to view the records in the database tables, attacker uses this technique for to view the contents of a database table.
Signature ID: 37017
SQL Injection with SQL UNION Statement and with Space Character as plus
Threat Level: Severe
Industry ID: CVE-2008-4717
Signature Description: This rule hits when http request argument consists of SQL UNION statement and plus symbol
as space character, UNION statement is used to join two or more SQL Statements to form one single SQL statement,
attacker uses this statement to include his own SQL statement. Successful attempt allows attackers to gain the admin
access on the affected victim’s database.