oh dude, I've missed you. On Wed, Mar 17, 2010 at 9:36 PM, MustLive <[email protected]>wrote:
> Hello Full-Disclosure! > > Yesterday I wrote English version of my article SQL DB Structure Extraction > vulnerabilities (http://websecurity.com.ua/4038/). > > There is such variety of Information Leakage vulnerabilities as SQL DB > Structure Extraction. This vulnerability lie in that there is information > leakage in web application about structure of the database. This > information > leakage can be of use at SQL Injection attack. > > Such vulnerability I found first time already in 2006 (at one site) and > gave > it this name. Such vulnerabilities I found at many web sites and also in > many web applications. > > In the article I talked about SQL DB Structure Extraction, different > variants of SQL Errors (three variants) and about difference between SQL DB > Structure Extraction and SQL Error. > > You can read the article SQL DB Structure Extraction vulnerabilities at my > site: http://websecurity.com.ua/4038/ > > Best wishes & regards, > MustLive > Administrator of Websecurity web site > http://websecurity.com.ua > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
