- TalkBack 5 of 23:
- Next »
- « Previous
- Thread View
- Flat View
- Because you are as clueless as the "journalist" reporting this
-
Investigators believe an SQL injection attack was used to exploit a vulnerability in Microsoft's SQL Server database
That simply doesn't make sense. An SQL injection attack is directed at the application running in front of the database server.
UPDATE: Actually it can make sense if the attackers were using an application level vulnerability (SQL injection vulnerability) to access the SQL Server and then used this access to execute an unpatched or zero-day vulnerability.
SQL Server is no more vulnerable to SQL injection attacks than Oracle, MySQL, PostgreSQL or Sybase are. Simply because that class of attack is not directed against the database server. You need a vulnerable application to be vulnerable to SQL injection attacks.
But if you so wish to compare security you can start by comparing how many actual vulnerabilities had hit each system:
Oracle 10.x: 828
MySQL 5.x: 33
PostgreSQL 8: 26
MySQL 4.x: 26
PostgreSQL 7: 24
SQL Server 2005: 10
Notice the one at the bottom? Microsoft SQL server seems to be the most secure of the bunch.
So what was it again that you didn't understand? Need some explanation or were you just trolling? - Posted by: honeymonster Posted on: 06/01/09 (Edited: 06/01/2009 @ 09:09) You are currently: a Guest | Members login | Terms of Use
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
- The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Reduce risk. Reduce complexity. Increase reliability.
-
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
Meet Doc
-
-
Here to help you with your Document Management Needs
- Check out Doc’s Blog on ZDNet
- Help your company, help the earth I want to share with you the Environmental Defense Fund Paper Calculator, which allows you to gauge your organization's environmental impact.
- Which is Greener: Paper or Digital? The Answer May Surprise You Anything we can do to reduce paper consumption is good. But what about the impact of digital waste?
-
Produced by
ZDNet and -
