Re: New Web Vulnerability - Cross-Site Tracing

Previously I hadn't meant to reply to this, but to watch it and laugh silently.

I couldn't deal, however, with this last line. "we don't feel it to be laughable... but.. frightening."

This line makes me want to retch; it sums up the overuse of the XSS problem that is now a buzzword and shows us how much you want to make it seem to effect our daily lives.

Please reconsider the "implications" your white paper has presented and update us when you have a serious security problem at hand.

Thank you,
James J. Ferrara
Old Dominion University

>To:xss-is-lame@hushmail.com
"vulnwatch@vulnwatch.org" <vulnwatch@vulnwatch.org>, full-disclosure@lists.netsys.com
>bcc:
>Subject:Re: New Web Vulnerability - Cross-Site Tracing
>From: Jeremiah Grossman <jeremiah@whitehatsec.com>

>we dont feel it to be laughable... but..frightening.
Received on Wed Jan 22 22:53:39 2003

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek