sql injection with MS Access
From: helmut schmidt (helmutsch69@hotmail.com)Date: 11/28/01
- Previous message: amok: "RE: A tool for crafting ESP packets"
- Next in thread: Kevin Spett: "Re: sql injection with MS Access"
- Reply: Kevin Spett: "Re: sql injection with MS Access"
- Reply: Sverre H. Huseby: "Re: sql injection with MS Access"
- Reply: rudi carell: "Re: sql injection with MS Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "helmut schmidt" <helmutsch69@hotmail.com> To: pen-test@securityfocus.com Subject: sql injection with MS Access Date: Wed, 28 Nov 2001 15:19:44 +0000 Message-ID: <F216oXM7e0C9guA8M6X00014eb7@hotmail.com>
Hi,
I am currently testing SQL injection with a web application and MS Access
database. I have some difficulties as I do not knowing the comment character
for Access Database.
In MSSQL I will terminate with -- but this does not work in MS Access. Can
someone confirm that SQL injection is feasible with MS Access database and
what is the correct comment character to use.
thanks Helmut
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: amok: "RE: A tool for crafting ESP packets"
- Next in thread: Kevin Spett: "Re: sql injection with MS Access"
- Reply: Kevin Spett: "Re: sql injection with MS Access"
- Reply: Sverre H. Huseby: "Re: sql injection with MS Access"
- Reply: rudi carell: "Re: sql injection with MS Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
