Jump to content
Welcome to our new Citrix community!
  • 0

XML SQL Injection blocking traffic after upgrade


Murilo Rocha

Question

Hi All,

I upgraded a netscaler from version 10.5 to 11.1

After the upgrade the appfw started to block some traffic. I already deployed relaxation rules but no luck so far. One of the challenges is that the "learn" option is grey out so I can't learn and deploy a relaxation rule that matches the exact block.

 

I am getting several blocks with similar messages

 

SQL SQL check failed for field http://xmlschema.acc.co.nz/claimmanagement/EClaim_Message20060519:Cause_Of_Injury="..and injured little toe right foot

 

The Eclaim_Message number will vary so as the cause of injury.

 

I am trying to identify which field I need to create a relaxation for. I tried a few relaxation rules but none seem to work

bind appfw profile "WSG FW Profile" -XMLSQLInjection Cause_Of_Injury
bind appfw profile "WSG FW Profile" -XMLSQLInjection Cause_Of_Injury -location ATTRIBUTE
bind appfw profile "WSG FW Profile" -XMLSQLInjection Injury
bind appfw profile "WSG FW Profile" -XMLSQLInjection Injury -location ATTRIBUTE
bind appfw profile "WSG FW Profile" -XMLSQLInjection EClaim_Message
bind appfw profile "WSG FW Profile" -XMLSQLInjection EClaim_Message -location ATTRIBUTE
bind appfw profile "WSG FW Profile" -XMLSQLInjection Claim
bind appfw profile "WSG FW Profile" -XMLSQLInjection Claim -location ATTRIBUTE

 

Any ideas?

One of the options I am considering is to exclude the URI from the SQL checks

 

Regards,

 

 

Link to comment

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...