San Antonio, TX (PRWEB) January 31, 2012
Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security assessments, disclosed a vulnerability within the LoginServlet page of the SolarWinds Storage Manager Server. This flaw could allow an attacker to extract sensitive information from the back-end database using standard SQL injection exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host operating system. DDI immediately notified SolarWinds of the finding.
DDIs Vulnerability Research Team (VRT), utilizing data provided by DDIs cloud-based Frontline Solutions Platform (FSP), provides the analytic expertise necessary to quickly identify previously unknown vulnerabilities, commonly referred to as Zero-Day issues. Within recent months, DDIs VRT has released multiple vulnerability disclosures, including those within widely used platforms such as the IBM