CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have 72 attendees signed up from 20 countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Discussion Threads About This Discussion Board > About This Discussion Board
Reload this Page reply button, SD command injection.
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-08-22
firewalz firewalz is offline
Junior Member
  
Join Date: 2006-06-23
Posts: 21
Rep Power: 0
firewalz has an average reputation (10+)
Default reply button, SD command injection.
FYI,
When replying to a thread, I am getting blocked through smart defense command injection

Number: 246535
Date: 22Aug2006
Time: 8:52:17
Product: SmartDefense
Interface: eth0
Origin: ngx-1
Type: Log
Action: Reject
Protocol: tcp
Service: http (80)
Source: xxxxxxx
Destination: ns1.informationengine.org (209.59.197.93)
Source Port: 1497
Attack Name: Command Injection
Information: reason: WSE0050002 command injection detected in request: 'ftp'
resource: http://209.59.197.93/forums/newreply.php
Reply With Quote
  #2 (permalink)  
Old 2006-10-01
BarryStiefel BarryStiefel is offline
Administrator
  
Join Date: 2005-08-11
Location: San Francisco, CA
Posts: 551
Rep Power: 10
BarryStiefel has disabled reputation
Default Re: reply button, SD command injection.
Quote:
Originally Posted by firewalz View Post
FYI,
When replying to a thread, I am getting blocked through smart defense command injection

Number: 246535
Date: 22Aug2006
Time: 8:52:17
Product: SmartDefense
Interface: eth0
Origin: ngx-1
Type: Log
Action: Reject
Protocol: tcp
Service: http (80)
Source: xxxxxxx
Destination: ns1.informationengine.org (209.59.197.93)
Source Port: 1497
Attack Name: Command Injection
Information: reason: WSE0050002 command injection detected in request: 'ftp'
resource: http://209.59.197.93/forums/newreply.php
I have no idea why this is occuring. We're using the tried and true vBulletin discussion board software and this is the first I've heard of this.

Is it still happening?

vBulletin does have a small upgrade available (to 3.6.1) that I haven't installed yet. This may help.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 08:27.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0