Imperva Blog|Login|中文Deutsch日本語

Mitigating Client Side Database Protocol Attacks

This video demonstration illustrates methods for attacking databases by leveraging a client side application as well as vulnerabilities within the database protocol. This example addresses Oracle 10i. Using a Hex or Text editor it is possible to modify the SQL login stream on the client side in a way that takes advantage of the Oracle Database User running as DBA. By compromising the process with an attack such as a buffer overflow, an attacker can perform an injection of code causing anything from a denial of service attack to data modification on the Oracle server side database.

Return to video listing Request More Information

Tags: Attack Method, Web Application Security, Database Security