Subscribe

Share |

RSS 2.0

ATOM 1.0

Add to Google

Topics

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?

SQL Truncation Attacks

SQL Server 2005

SQL injection attacks are nothing new and hopefully everyone is protecting themselves from it.

An interesting by-product of the standard method of protection from the basic sql injection attack (replace single quotes with two single quotes) is increasing the size of the original value. When building a command in a variable, its possible to truncate the original WHERE conditions allowing the attacker to affect much more data than the developer intended.

Bala Neerumalla has written a detailed article for MSDN Magazine with background on the attack methods, some excellent examples, and methods for detecting and preventing SQL Truncation attacks. Definately worth reading and implementing.

What's Related

Story Options

Trackback

Trackback URL for this entry: http://www.julian-kuiters.id.au/trackback.php/sqlserver2005-truncation-attack

Here's what others have to say about 'SQL Truncation Attacks':

Laura Biagiotti parfum from Laura Biagiotti parfum
Een heerlijke bloemige geur, met een modern karakter [read more]
Tracked on Saturday, December 12 2009 @ 08:02 AM EST

SQL Truncation Attacks | 0 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.


Gold Coast Aquarium Maintenance | Gold Coast Marine Fish | Gold Coast Tropical Fish

Poll

iPad

Are you redesigning your website for the iPad?

  •  Yes, Already done
  •  Yes, Already working on it
  •  Yes, In a few months
  •  Yes, When there are more iPad customers
  •  Yes but I don't know when
  •  Not sure yet
  •  No, We will not support iPad customers
This poll has 0 more questions.
Results
Other polls | 6 votes | 0 comments

About Dreaming Boy Technology

About Dreaming Boy Technology

We are a web design, web programming, web hosting and print design business.

We have over 13 years experience designing and building websites. We can handle websites of all sizes, from a simple web presence to a fully customised database driven website designed to handle thousands of customers a minute.

We can create you a custom website from scratch - that meets your needs as a business. And we can update your existing website if you wish.

Our design services can produce stunning website, print and logo designs that will create a recognisable brand for your business and invoke customer loyalty.

Our aim is to increase your sales and increase your customers through brand recognition and targeted marketing

Worlds Greatest Shave

Sponser me in the Worlds Greatest Shave to raise funds for cancer research

Client Sites
 
     
 Copyright © 2010 Julian Kuiters
 All trademarks and copyrights on this page are owned by their respective owners.