[Top] [All Lists]

Re: verynx SQL injection attack

Subject: Re: verynx SQL injection attack
From: "Kronin555"
Date: Fri, 25 Jul 2008 00:33:48 +0000 UTC
Newsgroups: macromedia.coldfusion.server_administration
> CF is getting hit hard by this

 That might be true, but the only people that will actually get "hit" by this 
are ones that wrote code vulnerable to _any_ SQL injection attack. The only 
difference about this one is it's more automated and widespread.

 Doesn't change the fact that they're exploiting bad coding practices. It has 
nothing to do with CF, it has everything to do with the coders who wrote the 
code that is being exploited. This same attack will work against bad code 
written in other web scripting languages that interact with databases.

<Prev in Thread] Current Thread [Next in Thread>