Hosting Provided By

Mailing List Archive For webappsec@securityfocus.com By Date

31 Dec 2002
- RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Christopher Todd
- RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Michael Howard
30 Dec 2002
- Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Jeff Williams (at) Aspect
- Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett
- Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Dave Aitel
- Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett
- JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Christopher Todd
23 Dec 2002
- Re: securing web based game Tim Aranki
- Re: securing web based game Tomas
22 Dec 2002
- Re: securing web based game Adam [ckkl]
- Re: securing web based game Adrian Wiesmann
- Re: securing web based game Adam [ckkl]
- Mangle available for download Dawes, Rogan (ZA - Johannesburg)
- securing web based game Tomas
20 Dec 2002
- Re: post to bugtraq about "session fixation" H D Moore
- Re: SUMMARY modify non-persistent cookies and more q's Chris Wysopal
- Merry Christmas and a Happy New Year. Mark Curphey
- Re: post to bugtraq about "session fixation" Cesar
- Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Craig_Sullivan(at)Waitrose.co.uk
19 Dec 2002
- Re: encoder Kevin Spett
- Re: post to bugtraq about "session fixation" Steven M. Christey
- encoder N30
- Re: Security Paper: Session Fixation Vulnerability in Web-based Applications Bill Pennington
- Re: XSS Sverre H. Huseby
- Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Sverre H. Huseby
- Re: SUMMARY modify non-persistent cookies and more q's Kevin Spett
- Re: SUMMARY modify non-persistent cookies and more q's Dave Aitel
- RE: SUMMARY modify non-persistent cookies and more q's Dawes, Rogan (ZA - Johannesburg)
- SUMMARY modify non-persistent cookies and more q's mono toy
- Re: modify non-persistent cookies Choong-Fook Fong
18 Dec 2002
- Re: post to bugtraq about "session fixation" Alex Russell
- Re: post to bugtraq about "session fixation" Kevin Spett
- Re: post to bugtraq about "session fixation" Panayiotis A. Thermos
- Re: post to bugtraq about "session fixation" securityarchitect(at)hush.com
- post to bugtraq about "session fixation" Alex Russell
- Re: modify non-persistent cookies Kevin Spett
- Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Mark Curphey
- RE: modify non-persistent cookies Uzi Refaeli
17 Dec 2002
- Re: modify non-persistent cookies zeno
- Re: modify non-persistent cookies Mr. Rufus Faloofus
- Re: modify non-persistent cookies Charles Miller
- Re: modify non-persistent cookies securityarchitect(at)hush.com
- RE: modify non-persistent cookies Venkat, Sanjay
- RE: modify non-persistent cookies Chris Neppes
- Re: modify non-persistent cookies MICHAEL GERMONY
- RE: modify non-persistent cookies Glyn
- Re: modify non-persistent cookies Peter Conrad
- Re: XSS and URL Encoded Session IDs Matthew Miller
- Re: XSS and URL Encoded Session IDs Ryan Yagatich
- RE: XSS and URL Encoded Session IDs The Crocodile
- modify non-persistent cookies mono toy
16 Dec 2002
- XSS and URL Encoded Session IDs B F
- Re: XSS Strings Tomas
- RE: XSS Strings Glyn
- Re: XSS Strings Jeroen Latour
- Re: XSS Strings Martin Eiszner
- XSS Strings securityarchitect(at)hush.com
- Re: XSS HarryM
15 Dec 2002
- Re: XSS appsec(at)technicalinfo.net
13 Dec 2002
- RE: forbidden functions on client-side scripts Thor Larholm
12 Dec 2002
- Re: forbidden functions on client-side scripts Alonso Robles
- Re: Web Application Analysis Tools? Kevin Spett
- Java validaton article Andrew Jaquith
- RE: Web Application Analysis Tools? Lars Troen
- Re: Web Application Analysis Tools? Jeff Williams (at) Aspect
- Re: Web Application Analysis Tools? Martin Eiszner
- Re: Web Application Analysis Tools? Kevin Spett
- Web Application Analysis Tools? David Simcik
- RE: forbidden functions on client-side scripts Uzi Refaeli
11 Dec 2002
- Re: XSS Matthew Miller
- Re: XSS Ed Tracy (at) Aspect Security
- forbidden functions on client-side scripts Shimon Silberschlag
- Re: XSS Jeff Williams (at) Aspect
- ENC: W3C XML encryption specs approved Mads Rasmussen
- Re: XSS Stephen de Vries
- Re: XSS Matthew Miller
- Re: Web single sign-on Andrew Chong
10 Dec 2002
- Re: XSS Kevin Spett
- RE: XSS Brett Moore
- Re: XSS zeno
- Re: JSP Security - Limiting URL's mlh(at)zip.com.au
- RE: Sequence Identification Routines? securityarchitect(at)hush.com
- Re: Apache module: mod_security Gabe Lawrence
- Re: Apache module: mod_security zeno
- RE: XSS David Endler
- Re: XSS zeno
- Re: XSS John Madden
- FW: Web single sign-on johneder(at)hushmail.com
- Re: Apache module: mod_security Ivan Ristic
- Re: Web single sign-on Greg Gagnon
- RE: XSS Ernesto Funes
- Re: Apache module: mod_security Klaus Doerrscheidt
- RE: Sequence Identification Routines? Dawes, Rogan (ZA - Johannesburg)
- Re: XSS Kevin Spett
- Re: Apache module: mod_security Ivan Ristic
- Re: Apache module: mod_security Bill Burge
- RE: XSS Eyal Udassin
- Re: XSS zeno
- Re: JSP Security - Limiting URL's Jeremy Poteet
- Re: Apache module: mod_security Dave Aitel
- Re: JSP Security - Limiting URL's Steve Posick
- Re: JSP Security - Limiting URL's Andrew Jaquith
- XSS John Madden
- Apache module: mod_security Ivan Ristic
09 Dec 2002
- Re: JSP Security - Limiting URL's Jeff Williams (at) Aspect
- JSP Security - Limiting URL's securityarchitect(at)hush.com
- RE: Web single sign-on securityarchitect(at)hush.com
- RE: Web single sign-on Sarbjit Singh Gill
- Re: Sequence Identification Routines? maddany
- Re: Web single sign-on wbjw(at)mindspring.com
- RE: Web single sign-on Simon Cunningham
- RE: Sequence Identification Routines? Tony Welsh
- Re: Web single sign-on securityarchitect(at)hush.com
- Re: Sequence Identification Routines? Jeff Williams (at) Aspect
- Web single sign-on Marty
- Re: Sequence Identification Routines? Charlie Root
- Re: Great XML Security Primer Javier Fernández-Sanguino Peña
- RE: Computer world article highlighting the importance of webapps ec St. Clair, James
- Sequence Identification Routines? Nick Jacobsen
08 Dec 2002
- RE: IIS session cookies Kapila, Sai
07 Dec 2002
- RE: IIS session cookies Forrest Lee Andrews
- OWASP Guide Version 2 - New Authors Wanted Mark Curphey
- Re: IIS session cookies securityarchitect(at)hush.com
05 Dec 2002
- Re: IIS session cookies Takayuki Nakamura
- Re: IIS session cookies Kevin Spett
- Computer world article highliting the importance of webappsec Keith T. Morgan
06 Dec 2002
- Re: IIS session cookies Cade Cairns
- Re: IIS session cookies Kevin Spett
- RE: IIS session cookies Michael Howard
05 Dec 2002
- IIS session cookies Cade Cairns
- Re: Hijacking URL Encoded Session IDs using Referer Logs UDP 53
- Re: Can I obtain BASIC AUTH credentials using an XSS vulnerbility Jill Tovey
04 Dec 2002
- Re: Top Ten Web App Sec Problems Steven M. Christey
- RE: WebAppSec Training Courses in UK Craig_Sullivan(at)Waitrose.co.uk
- RE: WebAppSec Training Courses in UK securityarchitect(at)hush.com
- Re: Top Ten Web App Sec Problems Jeff Williams (at) Aspect
- RE: WebAppSec Training Courses in UK Craig_Sullivan(at)Waitrose.co.uk
- RE: WebAppSec Training Courses in UK Glyn
03 Dec 2002
- Re: WebAppSec Training Courses in UK Jeff Williams (at) Aspect
- RE: Top Ten Web App Sec Problems b0iler _
- Re: WebAppSec Training Courses in UK Jeff Williams (at) Aspect
- Re: WebAppSec Training Courses in UK Kevin Spett
- Re: WebAppSec Training Courses in UK Kevin Spett
- RE: Top Ten Web App Sec Problems Richard M. Smith
- RE: Top Ten Web App Sec Problems Steven M. Christey
- RE: WebAppSec Training Courses in UK securityarchitect(at)hush.com
- Re: OpenHack and OWASP Testing Methodology jcosta(at)lendleaserei.com
- OpenHack and OWASP Testing Methodology David Endler
- RE: Top Ten Web App Sec Problems Craig, Scott
- RE: WebAppSec Training Courses in UK Glyn Geoghegan
02 Dec 2002
- Re: Top Ten Web App Sec Problems Jeff Williams (at) Aspect
- Re: Top Ten Web App Sec Problems Marc Slemko
- Re: Top Ten Web App Sec Problems Alex Russell
- Re: Top Ten Web App Sec Problems Alex Lambert
- Re: Top Ten Web App Sec Problems Kevin Spett
- Re: Top Ten Web App Sec Problems Andrew Jaquith
- RE: Top Ten Web App Sec Problems Richard M. Smith
- Re: WebAppSec Training Courses in UK Mark Curphey
- Re: WebAppSec Training Courses in UK Kevin Spett
- Re: WebAppSec Training Courses in UK Dan Cuthbert
- Re: Top Ten Web App Sec Problems Steven M. Christey
- WebAppSec Training Courses in UK phuc4(at)hushmail.com
- Re: Top Ten Web App Sec Problems Alex Russell
- FW: Top Ten Web App Sec Problems Keith T. Morgan
- Can I obtain BASIC AUTH credentials using an XSS vulnerbility frank fish
01 Dec 2002
- Great XML Security Primer Mark Curphey

Last message date: 31 Dec 2002
Archived on: 23 Aug 2006 EDT

166 messages sort by: [ thread ] [ author ] [ subject ] [ attachment ]
Other periods:[ Previous, Date view ] [ Next, Date view ]

This archive was generated by hypermail 2.1.8 : 23 Aug 2006 EDT