SQL injections and connections to a DB

[Mike Tupker <mtupker () gmail com>]

We have a IIS web server setup on our DMZ with a connection to our DB
server which is running MS SQL server 7. Does anyone know of a program
that will check the code in a web page for vulnerabilities such as SQL
injections, overflows, or anything else that I might not be aware of?
Basically, I would like to know if there is any way for someone to use
the server on the DMZ to get to the DB server and cause damage.

 

Thanks in advance,

Mike Tupker