Malicious code injection: It's not just about SQL anymore

Friday Oct 20th 2006 by DatabaseJournal.com Staff
Share:

The good news: Developers are becoming increasingly aware of the threat posed by SQL injection attacks and the pitfalls of leaving pre vulnerable to such attacks. The bad news: there are other types of pre injection attack...

[From security.itworld.com]

The good news: Developers are becoming increasingly aware of the threat posed by SQL injection attacks and the pitfalls of leaving pre vulnerable to such attacks. The bad news: there are other types of pre injection attack, including LDAP injection and XPath injection, that can be just as dangerous to your applications and your data. While these may not be as well-known to developers as SQL injection, they are already in the hands of hackers, and they should be of concern. To make matters worse, much of the common wisdom concerning remediation of malicious pre injection attacks is inadequate or inaccurate.

The article continues at http://security.itworld.com/4340/061019injection/page_1.html

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved