 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers |
Webmaster Forum / ASP / General ASP Topics / July 2008Recent round of SQL injection attacks
We log hundreds of SQL injection attempts per day -- the type with CAST(0x44004500... AS VARCHAR(4000)). It amuses me that the last thing the attack does is DEALLOCATE its cursor. My SQL Server DBA tells me this makes no difference. So... Are these hackers cargo cultists? Or am I missing something?  SignatureDave Anderson Unsolicited commercial email will be read at a cost of $500 per message. Use of this email address implies consent to these terms. > We log hundreds of SQL injection attempts per day -- the type with > CAST(0x44004500... AS VARCHAR(4000)). It amuses me that the last > thing the attack does is DEALLOCATE its cursor. My SQL Server DBA > tells me this makes no difference. So... > > Are these hackers cargo cultists? Or am I missing something? I think it used to be necessary, at least in SQL 6.5 ... I remember reading about all sorts of dire consequences if a cursor was not explicitly closed and deallocated. BOL has said since SQL7: A cursor variable does not have to be explicitly deallocated. The variable is implicitly deallocated when it goes out of scope. So I guess the cargo has landed on the hackers' island... SignatureMicrosoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.