New SQL Injection Attack Infecting Machines

A new SQL injection attack started circulating last week, and appears to have infected several thousand web servers as of late Friday evening. The attacks look similar to the one below, and attempt to query random valid files on the web server. The sysobjects and syscolumns tables queried are the give away: the attack is targeting machines running MSSQL server and storing the malicious HTML code in the database. It’s also possible that web servers with Sybase database backends could also conceivably be exploited, as Sybase is largely using the same SQL syntax and table structure as MSSQL server

Share this Story
Load More Related Articles
Load More By Red Wolf
Load More In Technology

Leave a Reply

Your email address will not be published. Required fields are marked *

Photos from Flickr