Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


The Hidden Security Risks of Legacy Software

Jun 11, 2012, 14:00 (0 Talkback[s])

Sometimes there is no security patch available to directly modify and harden a legacy product. But a so-called “virtual patch” can address a known vulnerability upstream of the insecure application itself. For example, legacy database products can be vulnerable to SQL injection attacks – when a query sent to the database sneaks in syntax which tricks the database into modifying or revealing otherwise protected data. A virtual patch could consist of rules in a firewall packet inspector or web server which look for and detect SQL injection syntax and block the request before it ever reaches the vulnerable legacy product.

Complete Story