From: SPI Labs (spilabs@spidynamics.com)
Date: Mon Sep 08 2003 - 01:29:05 EDT
Blind SQL Injection white paper from SPILabs of Spidynamics, Inc
[Title]
Blind SQL Injection: Are Your Vulnerable?
[Abstract]
SQL Injection can deliver total control of your server
to a hacker giving them the ability to read, write and
manipulate all data stored in your backend systems! Despite
being remarkably simple to protect against, there are an
astonishing number of production systems connected to the
Internet "fixed" the problem by hiding error data from the
users but were left vulnerable to this type of attack!
[Link]
http://www.spidynamics.com/whitepapers/Blind_SQLInjection.pdf
[Contact Information]
spilabs@spidynamics.com
SPI Dynamics, Inc.
115 Perimeter Center Place N.E.
suite 270
Atlanta, GA. 30346
Toll-Free Phone: (866) 774-2700
SPI Dynamics was founded in 2000 by a team of accomplished Web security
specialists; SPI Dynamics is
the leader in Web application security technology. With such signature
products as WebInspect, SPI Dynamics
is dedicated to protecting companies' most valuable assets. SPI Dynamics has
created a new breed of
Internet security products for the Web application, the most vulnerable yet
least secure component of
online business infrastructure.
Copyright (c) 2003 SPI Dynamics, Inc. All rights reserved worldwide.
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT