HTTP: Generic SQL Procedure Detection
This signature detects specific characters, typically used in SQL procedures, within an HTTP connection. Because these characters are not normally used in HTTP, their presence can indicate a SQL injection attack through a procedure. However, a match can also be a false positive.
Extended Description
Injected SQL instructions could disclose, modify or destroy records stored in the database. An attacker could leverage this capability to further penetrate the target host(s).
References
BugTraq: 93864
CVE: CVE-2014-2268
URL: http://security-papers.globint.com.ar/oracle_security/sql_injection_in_oracle.php
URL: https://pentest.blog/unexpected-journey-into-the-alienvault-ossimusm-during-engagement/
URL: https://www.navixia.com/blog/entry/navixia-find-critical-vulnerabilities-in-vtiger-crm-cve-2014-2268-cve-2014-2269.html
URL: http://vtiger-crm.2324883.n4.nabble.com/Vtigercrm-developers-IMP-forgot-password-and-re-installation-security-fix-tt9786.html
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
7.5
5.0