« Anti DNS Pinning/DNS Rebinding is the new industry buzz(word) | Main | German sites close, as anti-hacking law arrives »

UN Hacked via SQL Injection

The UN was defaced with a political message and hackademix has published it was via a sql injection vulnerability.

"While most of us may agree with the message, many will object to the spelling, and specifically to the dont used instead of don.t. There.s a technical reason for the missing apostrophe, though, because messing with this very character (.) is part of the technique apparently used by the attackers.

As you can easily verify by opening this URL, the site is vulnerable to an attack called SQL Injection. This is a very well known kind of vulnerability, fairly easy to avoid and very surprising to find in such a high profile web site."

Story Link: http://hackademix.net/2007/08/12/united-nations-vs-sql-injections/
AFP Link: http://www.breitbart.com/article.php?id=070812123821.vj1b8zzk&show_article=1


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!