SQL injection, 300.000 sites infected

Posted: Fri Dec 18, 2009 9:19 pm
by abalfazl
http://forums.online-sweepstakes.com/sh ... ?p=8966972
The New SQL Injection Attack
December 11th, 2009
A new, extremely sophisticated SQL injection attack that may have already infected up to 300,000 Web pages has been detected. Perpetrators are using SQL injection to push a malicious iframe that is named script src=hxxp://318x.com into Web servers. (An iframe is an HTML structure that enables another HTML document to be put into an HTML page.)
What does it mean? Does it mean many web servers were vulnerable to SQL injection at the same time? How? Or is it a worm using SQL injection?

Is it about a security hole in MS SQL Server? Does anyone know more technical details?

Re: SQL injection, 300.000 sites infected

Posted: Sat Dec 19, 2009 3:35 am
by kaisellgren
There are so many websites that are vulnerable to SQLi. It was a regular SQL injection attack, but the one who did this used those methods in SQL that require the FILE permission (SELECT ... INTO FILE, LOAD DATA INFILE, LOAD_FILE()), which is turned on by most hosts by default, and was able to inject HTML into files.