There is a SQL injection attack that is propagating on the web against ASP and
ASP.NET sites. This isn't really a exploit per se vs. bad coding. If
possible, I'd like to use nessus to detect a open server. Is there a plug-in
to detect this. I looked and didn't see anything specific.
Here is a variation of the script that gets populated.
nihaorr1.com/1.js
Here is a post on forums.iis.net about this.
http://forums.iis.net/t/1148917.aspx
Thanks in advance,
Steve Schofield
Windows Server MVP - IIS
http://weblogs.asp.net/steveschofield
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
