WebApp Sec mailing list archives

Re: ISA Server and SQL Injection

From: Matthieu Estrade <mestrade () apache org>
Date: Wed, 16 Feb 2005 09:53:20 +0100

John Steer wrote:

I'm not sure any firewall would stop a SQL Injection attack.


Web application firewall can do this. They filter http content.

This is an application issue

-----Original Message-----

From: Rafael San Miguel [mailto:smcsoc () yahoo es]Sent: Monday, February 14, 2005 10:06 AM

To: webappsec () securityfocus com
Subject: ISA Server and SQL Injection


Hi all,

¿Has anyone tested ISA Server 2004 against SQL
Injection attacks? I mean, ¿can it protect from this
type of vulnerability?

Thanks in advance. Greetings,

Rafael San Miguel Carrasco

Current thread:

ISA Server and SQL Injection Rafael San Miguel (Feb 14)
- Re: ISA Server and SQL Injection Tim Hoolihan (Feb 17)
- <Possible follow-ups>
- RE: ISA Server and SQL Injection John Steer (Feb 15)
  - Re: ISA Server and SQL Injection Matthieu Estrade (Feb 16)
    - Re: ISA Server and SQL Injection Bogdan Tomchuk (Feb 16)
    - Re: ISA Server and SQL Injection Matthieu Estrade (Feb 17)
    - Re: ISA Server and SQL Injection Bogdan Tomchuk (Feb 17)
    - Re: ISA Server and SQL Injection Matthieu Estrade (Feb 17)
    - RE: ISA Server and SQL Injection Marty Block (Feb 19)
    - Re: ISA Server and SQL Injection fantomas (Feb 28)
- RE: ISA Server and SQL Injection Hofmeyr, Michael (ZA - Johannesburg) (Feb 15)
  - Re: ISA Server and SQL Injection Darren Bounds (Feb 16)
- RE: ISA Server and SQL Injection charles freeman (Feb 16)
- RE: ISA Server and SQL Injection Roberto GABERGI (Feb 17)

(Thread continues...)