Printer Friendly
The Free Library
23,421,980 articles and books


New technique threatens databases.

Edited by Zeid Nasser Database security expert David Litchfield has published details of a new type of database attack technique. Lateral SQL injection creates a means for hackers to access database data or inject hostile code onto vulnerable systems. Exploitation is difficult and only possible in limited circumstances, Litchfield notes. Nonetheless, the discovery of the approach - a variant on earlier attack methods - means that database admins can no longer consider DATE or NUMBER data types safe from attack. Lateral SQL injection is a variant of SQL injection attacks, one of the most common methods for attacking database systems. SQL injection attacks involve attempts by hackers to trick database servers into running SQL commands, typically after crackers use vulnerabilities to inject character strings onto databases. Lateral SQL injections are a variant of the theme that use other forms of data - DATE and NUMBER data types. These attacks relate to Procedural Language/SQL programming language used by Oracle developers, and involves the possible development of exploits that involve hostile DATE or even NUMBER data types instead of user input. A*New technique threatens databases

2003 Jordan Press & publishing Co. All rights reserved.

Provided by Syndigate.info an Albawaba.com company
COPYRIGHT 2008 Al Bawaba (Middle East) Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2008 Gale, Cengage Learning. All rights reserved.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Publication:The Star (Amman, Jordan)
Date:May 5, 2008
Words:198
Previous Article:Jordan Insurance Co. goes live with ESKADENIA E-insurance and ERP products.
Next Article:Saudi blogger freed after 4 months in Jail.
Topics:

Terms of use | Copyright © 2014 Farlex, Inc. | Feedback | For webmasters