Manipulating Microsoft SQL Server Using SQL Injection

From: Aaron C. Newman (aaron@newman-family.com)
Date: Wed Aug 28 2002 - 09:38:02 PDT

Next message: Ulf Harnhammar: "Re: PHP: Bypass safe_mode and inject ASCII control chars with mail()"

Previous message: Aviram Jenik: "Webmin Vulnerability Leads to Remote Compromise (RPC CGI)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi All, 

I just posted a short white paper on Microsoft SQL Server and SQL
Injection titled "Manipulating Microsoft SQL Server Using SQL Injection"
at: 

http://www.appsecinc.com/news/briefing.html#inject14 

The paper was written and researched by Cesar Cerrudo
(sqlsecat_private).

All comments are welcome. 
 
Regards,
Aaron
_______________________________
Aaron C. Newman
anewmanat_private
CTO/Founder
Application Security, Inc.
www.appsecinc.com
Phone: 212-490-6022
Fax: 212-490-6456
- Protection Where It Counts -

Next message: Ulf Harnhammar: "Re: PHP: Bypass safe_mode and inject ASCII control chars with mail()"
Previous message: Aviram Jenik: "Webmin Vulnerability Leads to Remote Compromise (RPC CGI)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 28 2002 - 13:21:29 PDT