Penetration Testing mailing list archives

sql injection with MS Access

From: "helmut schmidt" <helmutsch69 () hotmail com>
Date: Wed, 28 Nov 2001 15:19:44 +0000

Hi,

I am currently testing SQL injection with a web application and MS Accessdatabase. I have some difficulties as I do not knowing the comment characterfor Access Database.

In MSSQL I will terminate with -- but this does not work in MS Access. Cansomeone confirm that SQL injection is feasible with MS Access database andwhat is the correct comment character to use.


thanks Helmut

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

sql injection with MS Access helmut schmidt (Nov 28)
- Re: sql injection with MS Access Kevin Spett (Nov 28)
- Re: sql injection with MS Access Sverre H. Huseby (Nov 28)
- <Possible follow-ups>
- Re: sql injection with MS Access rudi carell (Nov 29)