Hi list, I was reading about the recent round of sql injection attacks at http://www.f-secure.com/weblog/archives/00001427.html. Their SQL code snippet does not match any of the strings in rule 31103 as its content is obfuscated, but it starts off with 'declare'. I've decided to overwrite 31103 with a local_rule to add 'declare' to the list. I am not a web developer, but it seems to me that 'declare' isn't too likely to be used an a URI. Are there any web developers who could comment?
I'd like to nominate 'declare' to be added to the official rule, as well. thanks Rick ps sorry about the disclaimer This message contains TMA Resources confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
