Until today, exploiting SQL server injection attacks depended on having the Web Server return detailed error messages or having any other source of information. As a result, many security administrators suppressed these error messages, assuming this would protect them from SQL server injection exploitation. This white paper shows, however, that suppressing the error messages does not provide real protection. The research done at Imperva reveals a set of techniques that can be easily used by attackers in order to bypass this obstacle, making it clear that more substantial measures must be taken against SQL server injection attacks.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
