In association with heise online

13 February 2009, 14:34

SQL injector strikes again...

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

After SQL injection attacks on Kaspersky and BitDefender's Portuguese reseller, F-Secure has confirmed that it too found itself under attack. According to a blog posting on the F-Secure site, the attack was limited to one server, which has a page that didn't properly sanitise input.

F-Secure says that the attack was limited by its defence-in-depth strategy. The attackers could read information from the database, but could only see one database that the web servers SQL user had access to. That database only contained public information for display on the statistics web site, worldmap.f-secure.com.

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-740111
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit