Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] R: Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences
- From: bunker at fastwebnet.it (bunker at fastwebnet.it)
- Subject: [Full-disclosure] R: Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences
- Date: Mon, 26 Feb 2007 12:41:17 +0100 (CET)
>----Original message----
>From: davidl at ngssoftware.com
>Date: 26/02/2007 7.13
>To: <full-disclosure at lists.grok.org.uk>, <bugtraq at securityfocus.com>
>Subject: [Full-disclosure] Cursor Injection - A New Method for Exploiting
PL/SQL Injection and Potential Defences
> {CUT}
>http://www.databasesecurity.com/ - it's called "Cursor Injection - A New
>Method for Exploiting PL/SQL Injection and Potential Defences".
Very good work, man!
I'm trying your new "cursor injection" tip on my systems and it works right!
Thanks,
--
Andrea "bunker" Purificato
+++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.
http://rawlab.mindcreations.com
- Prev by Date: [Full-disclosure] Call for Paper - SyScan'07
- Next by Date: [Full-disclosure] flickr not truly private
- Previous by thread: [Full-disclosure] Call for Paper - SyScan'07
- Next by thread: [Full-disclosure] Local user to root escalation in apache 1.3.34 (Debian only)
- Index(es):