topic Re: sql injection update signature in Network Security https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104587#M78790 <HTML><HEAD></HEAD><BODY><P>Send us an email to <A href="mailto:ips-signature-team@cisco.com">ips-signature-team@cisco.com</A> one of the signature developers will pick it up.</P></BODY></HTML> Thu, 18 Sep 2008 10:59:45 GMT wsulym 2008-09-18T10:59:45Z sql injection update signature https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104584#M78783 <P>hi,</P><P>we are currently comparing cisco ips to tippingpoint, i have a cisco ips in front and tippingpoint in the back, so we are checking if cisco ips is missing on a lot of stuff , and currently it is missing on SQL injection attacks and cross scripting, which seems to be the weak point in cisco ips, its missing a lot on sql injection signatures, i mean why a simple update/set command does not have a signature ? </P><P></P><P></P> Sun, 10 Mar 2019 11:17:56 GMT https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104584#M78783 josephium 2019-03-10T11:17:56Z Re: sql injection update signature https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104585#M78785 <HTML><HEAD></HEAD><BODY><P>Cisco just recently added some "generic SQL injection" signatures. Are you on the latest signature release? 5930-0 thru 5930-6 are the new ones. There is no update/set one though AFAICT. 5474-0 and 5474-1 are the only other signatures I'm aware of.</P></BODY></HTML> Wed, 17 Sep 2008 13:45:59 GMT https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104585#M78785 mhellman 2008-09-17T13:45:59Z Re: sql injection update signature https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104586#M78789 <HTML><HEAD></HEAD><BODY><P>Thank you for your reply, do you know how to get in contact with the ips signature engineers at Cisco , i would like to share my comparaison with them as well as an attack that is passing all sql injection signature containing update but with u%pdate and the sql database is interpreting it as a normal update.</P></BODY></HTML> Thu, 18 Sep 2008 08:35:11 GMT https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104586#M78789 josephium 2008-09-18T08:35:11Z Re: sql injection update signature https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104587#M78790 <HTML><HEAD></HEAD><BODY><P>Send us an email to <A href="mailto:ips-signature-team@cisco.com">ips-signature-team@cisco.com</A> one of the signature developers will pick it up.</P></BODY></HTML> Thu, 18 Sep 2008 10:59:45 GMT https://community.cisco.com/t5/network-security/sql-injection-update-signature/m-p/1104587#M78790 wsulym 2008-09-18T10:59:45Z