Whew! That's a relief! Thanks for the confirmation and explanation, Ryan!
Rick > -----Original Message----- > From: Ryan Stille [mailto:[EMAIL PROTECTED] > Sent: Monday, August 11, 2008 11:51 AM > To: CF-Linux > Subject: Re: SQL injection attacks getting out of control > > mac jordan wrote: > > On Mon, Aug 11, 2008 at 4:20 PM, Ryan Stille <[EMAIL PROTECTED]> wrote: > > > > > >> Rick, I believe this current wave of attacks is only targeting MS SQL > >> Server. You mention you are using MySQL, so *this* particular attack > >> should be of no concern to you. > > > > > > What gives you that idea? We run CF on Linux/Apache with mySQL, and we've > > been under attack since Thursday, although thankfully it is easing now. > > > > Maybe 'targeting' was not the word to use. The attack is coded to > create MS SQL stored procedure and execute it. The SP goes through some > SQL Server specific system tables, and alters the data in them. MySQL > users are not vulnerable to this attack. > > -Ryan > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Linux/message.cfm/messageid:4439 Subscription: http://www.houseoffusion.com/groups/CF-Linux/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.14
