[B! hp] ockeghemã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

ockeghem id:ockeghem

hpã«é–¢ã™ã‚‹ockeghemã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

Scrawlrã‚’è©¦ã™ - teraccâ€™s blog
http://www.microsoft.com/japan/tech net/security/advisory/954462.mspx MSãŒã€SQL Injectionå¯¾ç–ãƒ„ãƒ¼ãƒ«ã‚’3ã¤ã»ã©ç´¹ä»‹ã—ã¦ã„ã¾ã™ã€‚ ãã®ã†ã¡ã€Scrawlrã‚’è©¦ã—ã¦ã¿ã¾ã—ãŸã€‚ Technical details for Scrawlr * Identify Verbose SQL Injection vulnerabilities in URL parameters * Can be configured to use a Proxy to access the web site * Will identify the type of SQL server in use * Will extract table names (verbose only) to guarantee no false positive
ockeghem 2008/06/26
Scrawlrã®æ¤œè¨¼

hp

security

sqlã‚¤ãƒ³ã‚¸ã‚§ã‚¯ã‚·ãƒ§ãƒ³

teracc
ãƒªãƒ³ã‚¯
http://japan.internet.com/webtech/20080529/11.html
ockeghem 2008/05/29
åŒç¤¾ã®ã€ŽAssessment Management Platformã€ã ã€‚ãã—ã¦åŒãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ä¸Šã§ã€é–‹ç™ºè€…å‘ã‘ã®ãƒ„ãƒ¼ãƒ«ã€ŽDevInspectã€ã€å“è³ªä¿è¨¼æ‹…å½“è€…å‘ã‘ã®ãƒ„ãƒ¼ãƒ«ã€ŽQAInspectã€ã€é‹ç”¨æ‹…å½“ãŠã‚ˆã³ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å°‚é–€å®¶å‘ã‘ã®ãƒ„ãƒ¼ãƒ«ã€ŽWebInspectã€ãŒå‹•ä½œã™ã‚‹

was

security

web

hp
ãƒªãƒ³ã‚¯
æ—¥æœ¬HPã®é¡§å®¢æƒ…å ±æµå‡ºã€æ¤œç´¢ã‚¨ãƒ³ã‚¸ãƒ³çµŒç”±ã§ç´„14ä¸‡ä»¶åˆ†ã«ã‚¢ã‚¯ã‚»ã‚¹
Windows SQL Server 2005ã‚µãƒãƒ¼ãƒˆçµ‚äº†ã®4æœˆ12æ—¥ãŒè¿«ã‚‹ã€å ±å‘Šæ¸ˆã¿è„†å¼±æ€§ã®æ·±åˆ»åº¦ã‚‚é«˜ãã€æ—©æ€¥ãªç§»è¡Œã‚’
ockeghem 2008/03/01
security

hp

å€‹äººæƒ…å ±
ãƒªãƒ³ã‚¯
1

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

ã‚¿ã‚°

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (6)

hpã«é–¢ã™ã‚‹ockeghemã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´12æœˆç¬¬1é€±ï¼‰

æœˆé–“ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆç¬¬5é€±ï¼‰

å…¬å¼Twitter

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹

ã‚¿ã‚°

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (6)

hpã«é–¢ã™ã‚‹ockeghemã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

Scrawlrã‚’è©¦ã™ - teraccâ€™s blog

http://japan.internet.com/webtech/20080529/11.html

æ—¥æœ¬HPã®é¡§å®¢æƒ…å ±æµå‡ºã€æ¤œç´¢ã‚¨ãƒ³ã‚¸ãƒ³çµŒç”±ã§ç´„14ä¸‡ä»¶åˆ†ã«ã‚¢ã‚¯ã‚»ã‚¹

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2024å¹´12æœˆç¬¬1é€±ï¼‰

æœˆé–“ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚­ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆç¬¬5é€±ï¼‰

å…¬å¼Twitter

ã‚­ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹

é–¢é€£ã‚¿ã‚°ã§çµžã‚Šè¾¼ã‚€ (6)

hpã«é–¢ã™ã‚‹ockeghemã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (3)

Scrawlrã‚’è©¦ã™ - teraccâ€™s blog

æ—¥æœ¬HPã®é¡§å®¢æƒ…å ±æµå‡ºã€æ¤œç´¢ã‚¨ãƒ³ã‚¸ãƒ³çµŒç”±ã§ç´„14ä¸‡ä»¶åˆ†ã«ã‚¢ã‚¯ã‚»ã‚¹

ãŠçŸ¥ã‚‰ã›

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´12æœˆç¬¬1é€±ï¼‰

æœˆé–“ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆï¼‰

ä»Šé€±ã®ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯æ•°ãƒ©ãƒ³ã‚ãƒ³ã‚°ï¼ˆ2024å¹´11æœˆç¬¬5é€±ï¼‰

å…¬å¼Twitter

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

ã¯ã¦ãªãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

å…¬å¼Twitter

ã¯ã¦ãªã®ã‚µãƒ¼ãƒ“ã‚¹