|
|
|
Date Submitted:
08/18/05
Hits: 75 Rating:  based on 0 votes
Blindfolded SQL InjectionAdded by Papergrl
Description:
Until today, exploiting SQL server injection attacks depended on having the Web Server return detailed error messages or having any other source of information. As a result, many security administrators suppressed these error messages, assuming this would protect them from SQL server injection exploitation. This white paper shows, however, that suppressing the error messages does not provide real protection. The research done at Imperva reveals a set of techniques that can be easily used by attackers in order to bypass this obstacle, making it clear that more substantial measures must be taken against SQL server injection attacks.
Read the Complete Paper You don't have permission to post replies. Please login or register. |