Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
891892893894895896897898899900
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
892
Signature ID: 35148
SQL Injection login bypass attempt
Threat Level: Severe
Bugtraq: 29025,29574
Signature Description: Remote Attackers bypass login page and gets admin access by combining embedded tautology
conditions like HAVING “A” with post data filelds like admin,id. If attack is succeeded attackers gains
admin access on the target system. This Rule hits when attribute values consists of LIKE,HAVING,and Conditional
Joining such as AND,OR,XOR.
Signature ID: 35149
SQL Injection login bypass attempt
Threat Level: Severe
Signature Description: Remote Attackers bypass login page and gets admin access by combining embedded tautology
conditions like 1=1 with post data fields like admin,id. If attack is succeeded attackers gains admin access on the target
system. This rule hits when an attribute value consists of any tautology conditions with SQL Statements LIKE,
SOUNDS, or Conditional joining with SQL Relational Operators.
Signature ID: 35150
Classical SQL Injection with SQL Statements
Threat Level: Severe
Signature Description: Attacker uses sql injection meta-characters such as ; or > or “ to inject sql statements.
This rule hits when sql-injection metacharacters found and any sql statement found in the attribute values.
Signature ID: 35151
Classical SQL Injection
Threat Level: Severe
Signature Description: This rule hits when Inline comments, or SQL DDL Commands, or Conditional Join Statements
present in the attribute values. Successful attacker gains the admin access on the affected system.
Signature ID: 35152
Classical SQL Injection
Threat Level: Severe
Signature Description: This rule hits when sql loop statements, or sql from string or COALESCE or Classical sql
injection with integer values are present in the attribute values. Successful attacker gains the admin access on the
affected system.
Signature ID: 35153
SQL Injection with SQL Statements BENCHMARK or Conditional Statements or SLEEP
Statements
Threat Level: Severe
Signature Description: This Rule hits when an attribute value consists any of SQL Statements
BENCHMARK,SLEEP,IF,SELECT statements. Successful attacker gains the admin access or disrupt the server
activities.