Forum Discussion

Nimbostratus

Jun 30, 2011

Activity triggering a generic buffer overflow attack signature

Hello, we have development occurring on a web application that is protected by an ASM policy we are seeing two of the generic buffer overflow attack signatures being triggered during testing...

app sec

BIG-IP Access Policy Manager (APM)

security

hooleylist

Cirrostratus

Jun 30, 2011

Also, in ~10.1 you can view the details of the full request info for the attack signature violation to (sometimes?) get a snippet of the matched string. But getting access to the full attack sig via MySQL should let you test this fully.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Activity triggering a generic buffer overflow attack signature

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

In an active/standby setup of ASM, with sync only device group, do signature updates sync up?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS