SQL injection Prevention - Cookie : suspicious UNION statement in Cookie


Description   This alarm is raised when a suspicious combination of SQL known keywords is found in a Cookie. This signature in the Internet profile has been configured to pass, ignore.The great number of public forums on the databases and the operation of certain dynamic sites make the risk of false positives high on public servers.
Before 8.1.2 version, this signature was available in context [http:client:header].
     
Default
configuration 		 
Profiles High Medium Low Internet
Action Block Pass Pass Pass
Alarm Level Minor Minor Minor Minor
     
References  
     
Available since   ASQ v4.1.2
     
Protects   WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla "session_ids" Disclosure Vulnerability
Watchguard XCS Multiple Arbitrary Remote Commands Execution Vulnerabilities
Support Tickets MyTickets "MyTickets_language" SQL Injection Vulnerability
OpenX "sessionID" SQL Injection Vulnerability
ClipBucket "cb_lang" SQL Injection Vulnerability
SetSeed "loggedInUser" SQL Injection Vulnerability
vAuthenticate Multiple SQL Injection Vulnerabilities
Moodle Multiple Remote SQL Injection and Security Bypass Vulnerabilities
Debian Security Update Fixes Doctrine Remote SQL Injection Vulnerability
Debian Security Update Fixes Request Tracker Multiple Vulnerabilities
TYPO3 Code Execution and Multiple Cross Site Scripting Vulnerabilities
Web Ideas Web Shop "page" and "ps_session" SQL Injection Issues
Ballettin Forum Multiple Parameter SQL Injection Vulnerabilities
Sandbox SQL Injection and Arbitrary File Upload Vulnerabilities
DeluxeBB "memberid" Parameter Remote SQL Injection Vulnerability
PHP-Quick-Arcade SQL Injection and Cross Site Scripting Vulnerabilities
Interactivefx.ie CMS "id" and "login" SQL Injection Vulnerabilities
MCshoutbox SQL Injection and Arbitrary File Upload Vulnerabilities
KerviNet Forum SQL Injection and Cross Site Scripting Vulnerabilities
100 last CVE   CVE-2017-9337
CVE-2017-9336
CVE-2017-2168
CVE-2017-1002022
CVE-2017-1002021
CVE-2017-1002020
CVE-2017-1002019
CVE-2017-1002018
CVE-2017-1002017
CVE-2015-5453
CVE-2015-5452
CVE-2011-1690
CVE-2011-1689
CVE-2011-1688
CVE-2011-1687
CVE-2011-1686
CVE-2011-1685
CVE-2011-1522
CVE-2010-1859
CVE-2010-1662
CVE-2010-1661
CVE-2009-3716
CVE-2009-3715
CVE-2009-3714
CVE-2009-2327
CVE-2009-2326



 
 
 
 
 Risk level 
Low