Imperva Discovers and Helps Microsoft Address SQL Server Vulnerability; Application Defense Center Submits Audit Evasion Vulnerability to Microsoft.Imperva Application Defense Center (ADC (1) See A/D converter. (2) (Apple Display Connector) A peripheral connector from Apple that combines digital video display, USB and power in one cable. )
WHO: Imperva Application Defense Center (ADC)
WHAT: Discovered vulnerability in Microsoft SQL Server 2000 that
enables a user to mask their login name from the standard
Microsoft audit tools. The vulnerability and corrective action are
detailed in Microsoft Knowledge Base Article entitled "BUG: Login
names that contain leading zero characters are not visible when
you use SQL Profiler to audit connections to SQL Server 2000". The
Imperva SecureSphere Database Security Gateway automatically
protects Microsoft SQL Server against this vulnerability. These
protection capabilities are outlined in the Imperva Security
Advisory entitled "Microsoft SQL Server Audit Bug".
WHERE: This Microsoft Knowledge Base Article is located at:
http://support.microsoft.com/default.aspx?scid=kb;en-us;910741.
The Imperva Security Advisory is available at:
www.imperva.com/application_defense_center/papers/ms-sql-11302005.html
WHEN: The Microsoft Knowledge Base Article was released on Nov. 30,
2005.
HOW: ADC conducts ongoing research into database security issues, and
discovered this vulnerability during an in-depth analysis of
log-in mechanisms and protocols. ADC's research findings are used
to enhance the SecureSphere product line with next generation
attack detection and protection features.
About Imperva Imperva is the leader in data security. The SecureSphere product line secures sensitive and proprietary data in corporate data centers. SecureSphere protects web applications against insider threats, as well as external attack and worm worm, common name for various unrelated invertebrate animals with soft, often long and slender bodies. Members of the phylum Platyhelminthes, or the flatworms, are the most primitive; they are generally small and flat-bodied and include the free-living planarians (of infection. It requires no manual tuning or changes to existing infrastructure. Imperva SecureSphere gateway appliances are deployed in leading financial, healthcare, and retail organizations around the globe. Led by Shlomo Shlomo, meaning peace, is a common Hebrew male given name. The following individuals are often referred to only by the name Shlomo:
American writer and activist whose works include the novel Faggots (1978) and the play The Normal Heart (1985). In 1988 he founded the radical AIDS awareness group ACT UP (AIDS Coalition to Unleash Power). , a Check Point Software Technologies founder, Imperva is privately funded by Accel Partners, US Venture Partners, and Venrock Venrock is a pioneering venture capital firm formed in 1969 to build upon the successful investing activities of the Rockefeller family that began in the late 1930’s. It has offices in Menlo Park, California, New York City, Cambridge, Massachusetts, and Israel. Associates. For more information, visit www.imperva.com. About the Imperva Application Defense Center Imperva's Application Defense Center (ADC) is a research and professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. organization dedicated to building the most advanced application security knowledge base in the world. ADC research combines extensive lab work with hands-on hands-on adj. Involving active participation; applied, as opposed to theoretical: "We're involved in hands-on operations, pulling levers, pushing buttons" Arthur R. Taylor. practice in real world environments. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion