Forum Discussion
imac_105647
Nimbostratus
Jun 30, 2011Activity triggering a generic buffer overflow attack signature
Hello,
we have development occurring on a web application that is protected by an ASM policy we are seeing two of the generic buffer overflow attack signatures being triggered during testing so I have two questions:
Is there any way to see what an attack signature is matching against to see why it is being triggered?
Are buffer overflows triggered by some other setting (max length of string set somewhere for example)?
Any other clues about how I can troubleshoot this would be appreciated.
Ian
- hoolio
Cirrostratus
Hi Ian, - hoolio
Cirrostratus
Also, in ~10.1 you can view the details of the full request info for the attack signature violation to (sometimes?) get a snippet of the matched string. But getting access to the full attack sig via MySQL should let you test this fully. - imac_105647
Nimbostratus
Hi Aaron, - hoolio
Cirrostratus
Oye... upgrade already! :) 9.4.x is going out of support and there have been *a lot* of improvements for ASM and LTM in v10. 10.2.x has been very stable and performant.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects