09 Sep 2010 
 SQL Server Injection
Solution: Several malicious site compromise attacks have been circulating on the internet over the last few weeks. They result in HTML script tags (containing trojan payload destination URL addresses) being inserted into text fields in a SQL Server database. These malicious text insertions can then appear on compromised websites via amended menu or other link options which, if selected, divert the user to the payload URL, which can attempt to exploit unpatched browsers.

Some information can be seen here:
http://www.castlecops.com/p1088480-Malware_Hundreds_of_thousands_of_SQL_injections.html

and some information on how to identify the problem site pages and the techniques used in a specific attack case here:
http://blogs.technet.com/neilcar/archive/2008/03/15/anatomy-of-a-sql-injection-incident-part-2-meat.aspx

and general advice on SQL Injection prevention here:
http://blogs.technet.com/ms_schweiz_security_blog/archive/2008/05/28/sql-injection-general-guidance.aspx
http://msdn.microsoft.com/en-us/library/ms161953.aspx
http://blogs.technet.com/rhalbheer/archive/2008/05/30/the-latest-sql-injection-attacks.aspx

Even if the database fields are cleaned manually, such infections can continue unless the web site code itself is hardened to prevent such SQL injection access. We recommend that all customers review their site code and strengthen the variable validation accordingly, so that existing or future attack threats can be neutralised.

RapidHost Technical Team
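
Locating the inserted script tags for cleanup, and the kind of variable validation recommended above, shown as an added example that is not RapidHost's code. Assumptions: Python's `sqlite3` stands in for the SQL Server database, and the `menu` table, its rows and the function names are constructed for illustration; on SQL Server the column list would come from `INFORMATION_SCHEMA.COLUMNS` rather than `sqlite_master`.

```python
import re
import sqlite3

# Matches an opening script tag in any letter case, e.g. "<script" or "<SCRIPT".
SCRIPT_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)

def make_sample_db():
    """Constructed sample data; sqlite3 is a stand-in for SQL Server."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE menu (id INTEGER PRIMARY KEY, title TEXT, link TEXT)")
    conn.executemany(
        "INSERT INTO menu (id, title, link) VALUES (?, ?, ?)",
        [
            (1, "Home", "/index.asp"),
            # Constructed infected value; example.invalid is a placeholder host.
            (2, 'News<script src="http://example.invalid/x.js"></script>', "/news.asp"),
            (3, "Contact", "/contact.asp"),
        ],
    )
    return conn

def find_injected_fields(conn):
    """Return (table, column, rowid) for every text value containing a script tag."""
    hits = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    for table in tables:
        # Identifiers come from the catalogue, not from user input; quoted anyway.
        cols = [r[1] for r in conn.execute(f'PRAGMA table_info("{table}")')
                if "TEXT" in (r[2] or "").upper() or "CHAR" in (r[2] or "").upper()]
        for col in cols:
            for rowid, value in conn.execute(f'SELECT rowid, "{col}" FROM "{table}"'):
                if isinstance(value, str) and SCRIPT_TAG.search(value):
                    hits.append((table, col, rowid))
    return hits

def get_menu_title(conn, raw_id):
    """Hardened lookup: validate the request variable, then bind it as a parameter."""
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        raise ValueError("id must be a short decimal number")
    # The value is passed separately from the SQL text, never concatenated into it.
    row = conn.execute("SELECT title FROM menu WHERE id = ?", (int(raw_id),)).fetchone()
    return row[0] if row else None
```

The scan only reports where script tags sit; cleaning those rows does not last unless every query that takes request input is validated and parameterised as in `get_menu_title`.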


Article Details
Article ID: 1009
Created On: 13 Jun 2008 09:44 AM
