DISQUS

DISQUS Hello!  The comments on this profile are unclaimed and thus are unverified.

Do they belong to you? Claim these comments.

Raoul Duke's picture

Unregistered

Feeds

aliases

  • Raoul Duke

Raoul Duke

10 months ago

in Look What I Just Found In My Access.log on dmiessler.com | grep understanding

Its the latest MSSQL server injection hack whereby it messes up all existing character based columns. Details are here:


http://www.coldfusionmuse.com/index.cfm/2008/7/18/Injection-Using-CAST-And-ASCII


It seems that a lot of ColdFusion + MSSQL users have been particularly hit hard.

10 months ago

in Look What I Just Found In My Access.log on danielmiessler.com | grep understanding

Its the latest MSSQL server injection hack whereby it messes up all existing character based columns. Details are here:


http://www.coldfusionmuse.com/index.cfm/2008/7/18/Injection-Using-CAST-And-ASCII


It seems that a lot of ColdFusion + MSSQL users have been particularly hit hard.

Returning? Login