Advertisement

05.27.2008 at 06:18AM PDT, ID: 23434648
[x]
Attachment Details

Stored Procedures Prevent Injection Attacks?

Asked by rito1 in Networking Security Vulnerabilities, Active Server Pages (ASP), Web Servers

Hi All

A website of ours has recently been hit by an injection attack which is corrupting our data within the following line <script src=http://www.dota11 .cn / m.js></script> (added spaces to prevent anyone from clicking it by mistake!)

I have been going through my weblogs and have located where they have tried to perform the attack... Obviously one of our files are vulnerable but inspecting the majority of these files, they actually trigger a stored procedure rather than use inline code.

Please could anyone confirm that I should be looking for inline cone instance and am safe to leave the stored procedure referenced pages as they are?

Is there a cool gadget that can test for vulnerabilities on certain pages or is it more of a painstaking job?

Many thanks,

RitStart Free Trial
 
Keywords: Stored Procedures Prevent Injection Att…
Title
1 Dynamic SQL / Stored Procedure and…
2 Virus/SQL Injection Attack
3 Blocking a sql injection attack in ASP
4 sql script injection
5 Attack IRAN?
6 Smurf Amplification Attack
 
Loading Advertisement...
 
[+][-]05.27.2008 at 07:06AM PDT, ID: 21651975

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.27.2008 at 08:01AM PDT, ID: 21652412

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Networking Security Vulnerabilities, Active Server Pages (ASP), Web Servers
Sign Up Now!
Solution Provided By: dosth
Participating Experts: 2
Solution Grade: A
 
 
[+][-]05.27.2008 at 08:15AM PDT, ID: 21652552

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.27.2008 at 08:35AM PDT, ID: 21652776

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]05.27.2008 at 08:56AM PDT, ID: 21652979

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.27.2008 at 10:58PM PDT, ID: 21657992

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.28.2008 at 12:47AM PDT, ID: 21658458

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.28.2008 at 01:00AM PDT, ID: 21658495

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628