Real-life examples
Now that we've learned about the theory behind virtual patching let's look at some examples of actual vulnerabilities and how they could be fixed with virtual patching. I've already mentioned some sites such as SecurityFocus that are helpful for keeping up to date with the latest security advisories, and that site comes in handy as a treasure trove to find examples to write about in this section.
Geeklog
One example of a vulnerability posted at SecurityFocus affects the content management system called "Geeklog". This is something you would run if you wanted an easy way to post content to your web site. Version 1.5.2 and earlier versions of Geeklog are vulnerable.
The following information was provided with the posting about the vulnerability:
Sound familiar? This vulnerability is based on the same kind of SQL injection attack that we just saw an example of in the previous section.
Now we know what type of vulnerability exists, but we don't know yet how it can be fixed. To...
