SQL Injection Attacks on IIS Web Servers

Navigation

Montreal .NET User Groups

Groupe d'usagers Visual Studio

SQL Injection Attacks on IIS Web Servers

There have been conflicting reports about SQL Server injection attacks and a possible new IIS vulnerability.

This is not related to a new IIS or SQL or ASP.NET vulnerability
A bot is scanning the Web trying SQL Server injections
Of course, it is finding a lot of poorly designed non secured pages

Get the facts and learn about injection attacks:
http://blogs.iis.net/bills/archive/2008/04/25/sql-injection-attacks-on-iis-web-servers.aspx

Posted: Apr 26 2008, 08:32 AM by guybarrette | with 2 comment(s) |

Filed under: .NET

Comments

pbz said:

Unfortunately, "some" people as soon as they see anything about Microsoft their brains shut down and then they start typing.

# April 27, 2008 12:00 PM

rrobbins said:

I manage a classic ASP web application that is probably vulnerable to SQL Injection attacks. Now I will need to write a lot of stored procedures. :(

I haven't seen any developer blog posts about security and none of the programming books I've read this year have even mentioned security. I consider this a fine example of how a narrow focus on "engineering practices" does not make for excellence in application development.

# April 28, 2008 9:00 AM

Guy Barrette

Recent Posts

Tags

Navigation

Montreal .NET User Groups

Archives

SQL Injection Attacks on IIS Web Servers

Comments

pbz said:

rrobbins said: