Revise error report generation for Espigon SQL injection scenario

Monitoring Control for Remote Software Maintenance

Status: Alpha

Brought to you by: bgaudin, dadecal, euskaraz, jog2pt, and 4 others

#437 Revise error report generation for Espigon SQL injection scenario

Milestone: Backlog

Status: open

Owner: Carmen Calle

Labels: None

Updated: 2013-04-11

Created: 2013-04-10

Creator: joăo coelho garcia

Private: No

When reviewing an error report generated for an SQL injection incident (see https://traclabs.fastfixproject.eu/ticket/1488), I made the following observations that I propose to change in order to create an error report that is more understandable and better supporting the developer:

1. Text input event:
  User and client IP address seems to be switched.
  What is "Last active window" and "WCF protocol timestamp"? I would remove this.
1. DATABASE TRANSACTION:
  Do we have information about the SQL statement that was executed? Would be nice to show it here.
HTTP Request missing
I am missing the HTTP request event here in which the SQL injection input was transported to the server.

Former ticket Nr. 686

Discussion

joăo coelho garcia - 2013-04-11

Description has changed:

Diff:

Milestone: Trial Phase 1 - Espigon --> Backlog
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Revise error report generation for Espigon SQL injection scenario

Monitoring Control for Remote Software Maintenance

Milestone

Searches

Help

#437 Revise error report generation for Espigon SQL injection scenario

Discussion