'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

infoleak_other:app_not_available_sql_server(Rule ID:1040500003)

Release Date2025/9/15

Rule NameApplication is not available because of the SQL server connetion failure

Severity:high

CVE ID

 

Descripiton

Sensitive information is a kind of information that is not known by the public and has actual or potential value. Loss, misuse or unauthorized access to sensitive information may do harm to individuals, enterprises and even the society. Source code in response of server always leak sensitive information, which will contribute to other attacks for malicious attckers. This rule will check SQL server failing message in response to prevent information leakage. This rule supports to defend the A2: Cryptographic Failures of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.