The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Windows & DOS: Issues & Discussions > Security Advisories (RSS) - Microsoft
Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unveri Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unveri
Google UNIX.COM
Forums Portal Register Forum Rules FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


Security Advisories (RSS) - Microsoft Microsoft Security Advisories Via RSS News

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unveri iBot Security Advisories (RSS) - Microsoft 0 06-24-2008 01:50 PM
Microsoft Security Advisory (950627): Vulnerability in Microsoft Jet Database Engine iBot Security Advisories (RSS) - Microsoft 0 04-06-2008 01:50 AM
Microsoft Security Advisory (932114): Vulnerability in Microsoft Word 2000 Could Allo iBot Security Advisories (RSS) - Microsoft 0 12-24-2007 06:00 AM
Microsoft Security Advisory (937696): Release of Microsoft Office Isolated Conversion iBot Security Advisories (RSS) - Microsoft 0 12-24-2007 06:00 AM
Microsoft Security Advisory (909444): Various Issues After Installing Microsoft Secur iBot Security Advisories (RSS) - Microsoft 0 12-24-2007 06:00 AM

Reply
 
Submit Tools LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 06-25-2008
iBot's Avatar
RSS Robot Girl
  

Join Date: Sep 2000
Posts: 14,302
Stumble this Post!
Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unveri
Revision Note: June 25, 2008: Removed erroneous references to form field and cookie value testing from the HP Scrawlr tool description. Advisory Summary:Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine.

More...
Reply With Quote
Google The UNIX and Linux Forums
Forum Sponsor
Reply

« Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unveri | Microsoft Security Advisory (954960): Microsoft Windows Server Update Services (WSUS) »
Thread Tools
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 05:00 PM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008 The CEP Blog All Rights Reserved -Ad Management by RedTyger Visit The Global Fact Book

Content Relevant URLs by vBSEO 3.2.0