| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> SQL Injection and Oracle?
Today I've seen two white papers on a technique called SQL Injection for exploiting databases via web pages. One of the papers was pretty much a step by step tutorial on how to reverse engineer data structures and have your way with a SQL Server database via ASP pages.
Both papers were ASP/SQL Server centric. But in my quick reads, I didn't see anything that made me think it would not work against many HTML forms backed by CGI scripts hitting Oracle databases that I've seen.
Am I missing something?
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Robert Eskridge
INET: bryny_at_dfweahs.net
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists --------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Thu Jan 31 2002 - 21:18:47 CST
 |
 |