[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] R: Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences

To: <davidl@xxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] R: Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences
From: <bunker@xxxxxxxxxxxxx>
Date: Mon, 26 Feb 2007 12:41:17 +0100 (CET)

>----Original message----
>From: davidl@xxxxxxxxxxxxxxx
>Date: 26/02/2007 7.13
>To: <full-disclosure@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
>Subject: [Full-disclosure] Cursor Injection - A New Method for Exploiting      
PL/SQL Injection and Potential Defences
> {CUT}
>http://www.databasesecurity.com/ - it's called "Cursor Injection - A New 
>Method for Exploiting PL/SQL Injection and Potential Defences".

Very good work, man!
I'm trying your new "cursor injection" tip on my systems and it works right!


Thanks,
--
Andrea "bunker" Purificato
+++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.

http://rawlab.mindcreations.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Call for Paper - SyScan'07
Next by Date: Re: [Full-disclosure] flickr not truly private
Previous by thread: [Full-disclosure] Call for Paper - SyScan'07
Next by thread: [Full-disclosure] Local user to root escalation in apache 1.3.34 (Debian only)
Index(es):
- Date
- Thread