Researcher David Litchfield recently uncovered a new way for hackers to gain access to the Oracle database. The process has been dubbed "a lateral SQL injection", and can be described as an attack using date and number data types to trick the database into running SQL commands. Litchfield remarked that in order for database programmers to avoid this scenario, they need to make sure that all of their data is "not injected with SQL commands".
http://www.infoworld.com/article/08/04/25/Researcher-finds-new-way-to-hack-Oracle-database_1.html
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment