Secure Coding mailing list archives
Announce: An Introduction To SQL Injection Attacks For Oracle Developers
From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Sat, 24 Jan 2004 16:35:13 +0000
FYI, Stephen Kost of Integrigy Corporation has published a paper called, "An Introduction To SQL Injection Attacks For Oracle Developers". The full 24 page paper (in PDF format) is freely available at: http://www.net-security.org/dl/articles/IntegrigyIntrotoSQLInjectionAttacks.pdf On first glance, it appears to me to be a pretty worthwhile read, FWIW. Although it is aimed at Oracle developers and much of the paper is indeed Oracle-specific, pretty much anyone writing multi-tier SQL database software could find useful information in it. Cheers, Ken van Wyk KRvW Associates, LLC http://www.KRvW.com
Current thread:
- Announce: An Introduction To SQL Injection Attacks For Oracle Developers Kenneth R. van Wyk (Jan 24)
- virtual servers Serban Gh. Ghita (Feb 03)