Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
559
Views
0
Helpful
3
Replies

sql injection update signature

josephium
Level 1
Level 1

‎09-17-2008 04:39 AM - edited ‎03-10-2019 04:17 AM

hi,

we are currently comparing cisco ips to tippingpoint, i have a cisco ips in front and tippingpoint in the back, so we are checking if cisco ips is missing on a lot of stuff , and currently it is missing on SQL injection attacks and cross scripting, which seems to be the weak point in cisco ips, its missing a lot on sql injection signatures, i mean why a simple update/set command does not have a signature ?

Labels:
0 Helpful
3 Replies 3

mhellman
Level 7
Level 7

‎09-17-2008 06:45 AM

Cisco just recently added some "generic SQL injection" signatures. Are you on the latest signature release? 5930-0 thru 5930-6 are the new ones. There is no update/set one though AFAICT. 5474-0 and 5474-1 are the only other signatures I'm aware of.

0 Helpful

josephium
Level 1
Level 1
In response to mhellman

‎09-18-2008 01:35 AM

Thank you for your reply, do you know how to get in contact with the ips signature engineers at Cisco , i would like to share my comparaison with them as well as an attack that is passing all sql injection signature containing update but with u%pdate and the sql database is interpreting it as a normal update.

0 Helpful

wsulym
Cisco Employee
Cisco Employee
In response to josephium

‎09-18-2008 03:59 AM

Send us an email to ips-signature-team@cisco.com one of the signature developers will pick it up.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card