Malicious Code Injection: It’s Not Just for SQL Anymore

Error message

  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).

Contributed by Bryan Sullivan

More and more, developers are becoming aware of the threats posed by malicious code, and SQL injection in particular, and by leaving code vulnerable to such attacks. However, while SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data, including LDAP injection and XPath injection. While these may not be as well-known to developers, they are already in the hands of hackers, and they should be of concern.

This document is in PDF format. To view it click here.

Rate this article: 
No votes yet