SQL Injection Attacks
|Category:||Web Intelligence Protections|
|Vulnerable Systems:||SQL Databases with Web-based front end|
|Source:||SmartDefense Research Center|
|Description:||A vulnerable web application may allow a remote attacker to inject SQL commands disguised as a URL or form input to the database. A successful SQL injection attack may cause the SQL server to run undesirable commands and manipulate the contents of the database.|
|SQL Injection attacks can allow an attacker to:
Structured Query Language (SQL) is a textual language used to interact with relational Databases. Applications often use SQL statements to authenticate users to the application, validate roles and access levels, store and obtain information for the application and user, and link to other data sources.
SQL Injection flaws allow attackers to relay a malicious code through a web application to another system. This is done through calls to backend databases using SQL queries. To exploit a SQL injection flaw, the attacker must find a parameter that the web application passes through to a database. By carefully incorporating malicious SQL commands into the content of the parameter, the attacker can manipulate the web application into forwarding a malicious query into the database.
The consequences are particularly damaging, as a successful attack may get the database to run undesirable commands, resulting in disclosure of confidential information, database modifications or even database shutdown.
Using SmartView Tracker, users of VPN-1 NG with Application Intelligence R55W, users of VPN-1 NGX R60 and users of Connectra that have enabled the Web Intelligence SQL Injection protection mentioned below, will identify SQL Injection attacks by the following entries (example only):
Users of VPN-1 NG with Application Intelligence R55W, users of VPN-1 NGX R60 and users of Connectra with Web Intelligence license are protected against SQL Injection attacks.
Web Intelligence can inspect for the presence of SQL commands in web forms or URLs sent in HTTP requests to a server. The protection looks for several categories of commands, including distinct SQL commands (i.e. strings that are unique to SQL), non-distinct SQL commands (i.e. strings that may appear in common language, such as "select", "join" etc), as well as special SQL separator characters (+ ' -).
To enable the Protection (R55W, R60):
To enable the protection (Connectra):
|Additional Information:||Top Ten Vulnerabilities