There are available to download, a new POC tool, paper
and presentation on the latest MS SQL Server bugs.


Hunting Flaws in Microsoft SQL Server Presentation

This presentation was delivered at the Black Hat 2003
Windows Security Conference, and illustrates many new
Microsoft SQL Server vulnerabilities. Improvements
that were made to Microsoft SQL Server in the new SP3
release to fix these vulnerabilities are also
discussed. Also, a new tool to exploit the SQL
Injection techniques described in the paper
Manipulating Microsoft SQL Server Using SQL Injection
was also introduced. 

http://www.appsecinc.com/news/briefing.html#hunting <http://www.appsecinc.com/news/briefing.html>


Hunting Flaws in Microsoft SQL Server White Paper

This paper illustrates many new Microsoft SQL Server
vulnerabilities and how they were found. It explores
many of the issues discussed in its counterpart
presentation. 

http://www.appsecinc.com/news/briefing.html#hunting2 <http://www.appsecinc.com/news/briefing.html>


Data Thief

Data Thief is a "proof-on-concept" tool used to
demonstrate to web administrators and developers how
easy it is to steal data from a web application that
is vulnerable to SQL Injection. Data Thief is designed
to retrieve the data from a Microsoft SQL Server
back-end behind a web application with a SQL Injection
vulnerability. Once a SQL Injection vulnerability is
identified, Data Thief does all the work of listing
the linked severs, laying out the database schema, and
actually selecting the data from a table in the
application.

<http://www.appsecinc.com/resources/freetools/>

Feedback is welcome.

NEW SECURITY LIST: For people interested in SQL Server
security, vulnerabilities, SQL injection, etc., I'm
starting a new mailing list you can join at:

<http://groups.yahoo.com/group/sqlserversecurity/>

Enjoy!!

Cesar


__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
<http://search.yahoo.com>