Saturday, May 14, 2011

Imperva SecureSphere - SQL injection filter bypass

Affected Software : SecureSphere Web Application Firewall (WAF)
Severity : High
Local/Remote : Remote
Author : @drk1wi

Summary

Due to a typo in one of the rules of the sql injection engine the WAF can be bypassed by appending a specially crafted string.

Vulnerability Details


The vector: 15 and '1'=(SELECT '1' FROM dual) and '0having'='0having' won't be classified as malicious and will bypass the SQL Injection filter. 'and '0having'='0having' is causing the bypass.

Time-line

8/07/2010 - Vendor notified
10/07/2010 - Vendor response
12/08/2010 - Vendor patch release
06/05/2011 - Public disclosure

Fix Information

Apply ADC Content Update from 12 - August - 2010

0 Comments:

Post a Comment



Related Posts Plugin for WordPress, Blogger...
 

FREE HOT VIDEO | HOT GIRL GALERRY