Hosting Provided By

Mailing List Archive For webappsec@securityfocus.com Jan 2003 By Thread

RE: HTTP Header and POST Data Exploitation Indian Tiger (Thu Jan 09 2003 - 06:43:06 EST)
Re: protecting perl script source H D Moore (Fri Jan 31 2003 - 13:39:57 EST)
Re: protecting perl script source Jim McGarvey (Thu Jan 30 2003 - 11:35:06 EST)
RE: protecting perl script source Eyal Udassin (Thu Jan 30 2003 - 04:03:20 EST)
Re: protecting perl script source Peter Sergeant (Thu Jan 30 2003 - 03:26:03 EST)
RE: protecting perl script source Ogston, Iain M (Thu Jan 30 2003 - 03:00:11 EST)
Re: protecting perl script source Tim Valdez (Wed Jan 29 2003 - 20:35:39 EST)
SPIKE Proxy 1.4.7 is now available Dave Aitel (Wed Jan 29 2003 - 17:49:31 EST)
Re: [whisker] How to Analyse Whisker Report rain forest puppy (Wed Jan 29 2003 - 04:23:17 EST)
Re: PL/SQL web application naka (Wed Jan 29 2003 - 00:35:30 EST)
Re: PL/SQL web application Kevin Spett (Tue Jan 28 2003 - 10:38:38 EST)
PL/SQL web application naka (Tue Jan 28 2003 - 09:08:29 EST)
Re: Generic User password management Ed Tracy (at) Aspect Security (Mon Jan 27 2003 - 15:14:22 EST)
[ANNOUNCEMENT] mod_security 1.4 released Ivan Ristic (Mon Jan 27 2003 - 14:03:33 EST)
XS(T) attack variants which can, in some cases, eliminate the need for TRACE Amit Klein (Sun Jan 26 2003 - 08:25:23 EST)
Re: Lazy sanitizing of data for SQL queries HarryM (Fri Jan 24 2003 - 23:21:47 EST)
RE: Lazy sanitizing of data for SQL queries Lawrence, Gabriel (Fri Jan 24 2003 - 16:30:50 EST)
Re: Lazy sanitizing of data for SQL queries Sverre H. Huseby (Fri Jan 24 2003 - 16:00:21 EST)
Re: Lazy sanitizing of data for SQL queries HarryM (Fri Jan 24 2003 - 15:51:03 EST)
Generic User password management Augusto Paes de Barros (Fri Jan 24 2003 - 09:47:33 EST)
RE: Lazy sanitizing of data for SQL queries Brass, Phil (ISS Atlanta) (Fri Jan 24 2003 - 15:36:14 EST)
Re: Lazy sanitizing of data for SQL queries Sverre H. Huseby (Fri Jan 24 2003 - 15:31:03 EST)
Lazy sanitizing of data for SQL queries HarryM (Fri Jan 24 2003 - 14:09:56 EST)
Re: New Web Vulnerability - Cross-Site Tracing Steven M. Christey (Thu Jan 23 2003 - 21:41:32 EST)
Re: New Web Vulnerability - Cross-Site Tracing (fwd) Jeremiah Grossman (Thu Jan 23 2003 - 20:33:59 EST)
Re: TRACE used to increase the dangerous of XSS. Phrack (Thu Jan 23 2003 - 20:08:28 EST)
RE: [Full-Disclosure] Re: New Web Vulnerability - Cross-Site Tracing Steven M. Christey (Thu Jan 23 2003 - 19:46:45 EST)
Re: New Web Vulnerability - Cross-Site Tracing xss-is-lame(at)hushmail.com (Thu Jan 23 2003 - 19:38:05 EST)
Re: TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Thu Jan 23 2003 - 11:03:17 EST)
Re: New Web Vulnerability - Cross-Site Tracing Steven M. Christey (Thu Jan 23 2003 - 17:17:34 EST)
RE: [Full-Disclosure] Re: New Web Vulnerability - Cross-Site Tracing Richard M. Smith (Thu Jan 23 2003 - 17:48:08 EST)
RE: TRACE used to increase the dangerous of XSS. Jason Coombs (Thu Jan 23 2003 - 14:58:51 EST)
RE: TRACE used to increase the dangerous of XSS. Thor Larholm (Thu Jan 23 2003 - 12:01:14 EST)
Re: TRACE used to increase the dangerous of XSS. Peter Watkins (Thu Jan 23 2003 - 15:28:24 EST)
Re: New Web Vulnerability - Cross-Site Tracing (fwd) Marc Slemko (Thu Jan 23 2003 - 14:49:50 EST)
Re: [VulnDiscuss] Re: TRACE used to increase the dangerous of XSS. Kevin Spett (Thu Jan 23 2003 - 13:32:13 EST)
Re: New Web Vulnerability - Cross-Site Tracing (fwd) Gary Flynn (Thu Jan 23 2003 - 08:12:00 EST)
RE: TRACE used to increase the dangerous of XSS. Richard M. Smith (Thu Jan 23 2003 - 10:26:01 EST)
Re: [Full-Disclosure] Re: New Web Vulnerability - Cross-Site Tracing Thor Larholm (Thu Jan 23 2003 - 10:04:19 EST)
Re: [Full-Disclosure] Re: New Web Vulnerability - Cross-Site Tracing zeno (Thu Jan 23 2003 - 09:32:34 EST)
Re: TRACE used to increase the dangerous of XSS. Sverre H. Huseby (Thu Jan 23 2003 - 07:14:25 EST)
Re: New Web Vulnerability - Cross-Site Tracing H D Moore (Thu Jan 23 2003 - 06:36:38 EST)
RE: TRACE used to increase the dangerous of XSS. Thor Larholm (Thu Jan 23 2003 - 04:33:00 EST)
RE: TRACE used to increase the dangerous of XSS. Thor Larholm (Thu Jan 23 2003 - 04:10:49 EST)
Re: TRACE used to increase the dangerous of XSS. Tim Greer (Wed Jan 22 2003 - 23:32:37 EST)
Re: TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Wed Jan 22 2003 - 21:57:11 EST)
Re: New Web Vulnerability - Cross-Site Tracing Jeremiah Grossman (Wed Jan 22 2003 - 21:49:46 EST)
Re: New Web Vulnerability - Cross-Site Tracing Tim Greer (Wed Jan 22 2003 - 21:28:08 EST)
Re: TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Wed Jan 22 2003 - 21:41:18 EST)
Re: TRACE used to increase the dangerous of XSS. Doug Monroe (Wed Jan 22 2003 - 21:28:21 EST)
RE: TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Wed Jan 22 2003 - 21:28:15 EST)
RE: TRACE used to increase the dangerous of XSS. Richard M. Smith (Wed Jan 22 2003 - 21:06:48 EST)
Re: TRACE used to increase the dangerous of XSS. Kevin Spett (Wed Jan 22 2003 - 20:59:42 EST)
Re: New Web Vulnerability - Cross-Site Tracing JAMES J FERRARA (Wed Jan 22 2003 - 22:37:12 EST)
Re: New Web Vulnerability - Cross-Site Tracing Jeremiah Grossman (Wed Jan 22 2003 - 19:25:01 EST)
Re: TRACE used to increase the dangerous of XSS. Jordan Frank (Wed Jan 22 2003 - 20:45:50 EST)
Re: New Web Vulnerability - Cross-Site Tracing (fwd) Jeremiah Grossman (Wed Jan 22 2003 - 19:09:41 EST)
Re: New Web Vulnerability - Cross-Site Tracing xss-is-lame(at)hushmail.com (Wed Jan 22 2003 - 18:52:20 EST)
RE: TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Wed Jan 22 2003 - 18:35:08 EST)
Re: New Web Vulnerability - Cross-Site Tracing Jeremiah Grossman (Wed Jan 22 2003 - 17:25:57 EST)
Re: New Web Vulnerability - Cross-Site Tracing (fwd) Marc Slemko (Wed Jan 22 2003 - 18:25:01 EST)
RE: TRACE used to increase the dangerous of XSS. Richard M. Smith (Wed Jan 22 2003 - 17:34:59 EST)
Re: security of interactive webpages Pig Monkey (Wed Jan 22 2003 - 17:51:47 EST)
Re: New Web Vulnerability - Cross-Site Tracing xss-is-lame(at)hushmail.com (Wed Jan 22 2003 - 16:31:34 EST)
.NET MVC and RBAC in C# Mark Curphey (Wed Jan 22 2003 - 16:29:34 EST)
List is a little sporadic Mark Curphey (Wed Jan 22 2003 - 16:10:06 EST)
TRACE used to increase the dangerous of XSS. Jeremiah Grossman (Wed Jan 22 2003 - 15:32:58 EST)
security of interactive webpages shadgar(at)cs.bris.ac.uk (Wed Jan 22 2003 - 09:13:29 EST)
Re: Website "Scanner" Mike Shaw (Thu Jan 09 2003 - 10:39:05 EST)
Re: Website "Scanner" Mary Landesman (Thu Jan 09 2003 - 14:11:56 EST)
Re: OWASP Identifies Ten Most Critical Web Application Security Vulnerabilities Jeff Williams (at) Aspect (Sat Jan 18 2003 - 00:14:52 EST)
PHP top ten guide Jeff Williams (at) Aspect (Sat Jan 18 2003 - 16:41:55 EST)
Serverside script injection? joh ket (Fri Jan 10 2003 - 04:05:31 EST)
Re: Serverside script injection? Jeff Williams (at) Aspect (Mon Jan 13 2003 - 10:31:58 EST)
Re: Serverside script injection? Marco Aldegheri (Mon Jan 13 2003 - 08:51:58 EST)
Re: Serverside script injection? JAMES J FERRARA (Mon Jan 13 2003 - 03:41:32 EST)
Re: Serverside script injection? Peter Conrad (Mon Jan 13 2003 - 03:12:48 EST)
OWASP Identifies Ten Most Critical Web Application Security Vulnerabilities Jeff Williams (at) Aspect (Sun Jan 12 2003 - 23:32:38 EST)
Re: Website "Scanner" Martin Eiszner (Fri Jan 10 2003 - 02:23:32 EST)
Re: Website "Scanner" Todd Charron (Thu Jan 09 2003 - 10:03:56 EST)
Re: Website "Scanner" Kevin Spett (Thu Jan 09 2003 - 19:04:43 EST)
RE: Website "Scanner" Ian Griffiths (Sat Jan 11 2003 - 12:23:53 EST)
Re: Web single sign-on Zed A.Shaw (Fri Jan 10 2003 - 15:40:48 EST)
RE: Website "Scanner" Brass, Phil (ISS Atlanta) (Fri Jan 10 2003 - 12:07:18 EST)
RE: Website "Scanner" glyn(at)corsaire.com (Thu Jan 09 2003 - 08:47:32 EST)
Re: Website "Scanner" Javier Fernandez-Sanguino (Thu Jan 09 2003 - 07:57:14 EST)
Re: Website "Scanner" Pig Monkey (Thu Jan 09 2003 - 18:11:34 EST)
Re: Website "Scanner" Dave Aitel (Thu Jan 09 2003 - 08:41:34 EST)
Re: Website "Scanner" Chris Wysopal (Thu Jan 09 2003 - 10:09:53 EST)
Re: Website "Scanner" Nelson Sampaio Araujo Junior (Wed Jan 08 2003 - 20:51:51 EST)
Re: Website "Scanner" sullo(at)cirt.net (Wed Jan 08 2003 - 21:13:04 EST)
Re: Website "Scanner" Kurt Seifried (Wed Jan 08 2003 - 19:50:50 EST)
Re: Website "Scanner" backed.up.by.2048.bit.encryption(at)hushmail.com (Wed Jan 08 2003 - 18:22:04 EST)
Re: Website "Scanner" Dave Aitel (Wed Jan 08 2003 - 18:09:21 EST)
RE: Website "Scanner" glyng(at)corsaire.com (Wed Jan 08 2003 - 18:24:31 EST)
Re: Website "Scanner" Chris Reining (Wed Jan 08 2003 - 16:13:43 EST)
RE: Website "Scanner" backed.up.by.2048.bit.encryption(at)hushmail.com (Wed Jan 08 2003 - 16:12:44 EST)
Re: Website "Scanner" Joris De Donder (Wed Jan 08 2003 - 17:21:35 EST)
RE: Website "Scanner" Nelson Sampaio Araujo Junior (Wed Jan 08 2003 - 16:46:26 EST)
Re: Website "Scanner" sullo(at)cirt.net (Wed Jan 08 2003 - 17:21:16 EST)
Re: Website "Scanner" Kevin Spett (Wed Jan 08 2003 - 16:12:27 EST)
RE: Website "Scanner" Zimin, Alex (Wed Jan 08 2003 - 16:02:47 EST)
RE: Website "Scanner" Chris Neppes (Wed Jan 08 2003 - 16:00:47 EST)
Website "Scanner" backed.up.by.2048.bit.encryption(at)hushmail.com (Wed Jan 08 2003 - 15:53:34 EST)
RE: vbscript Ernie (Wed Jan 08 2003 - 11:58:02 EST)
RE: vbscript security(at)zclix.com (Wed Jan 08 2003 - 10:34:04 EST)
Re: vbscript Marco Aldegheri (Wed Jan 08 2003 - 05:18:10 EST)
RE: vbscript Dawes, Rogan (ZA - Johannesburg) (Wed Jan 08 2003 - 02:43:51 EST)
RE: vbscript Forrest Lee Andrews (Tue Jan 07 2003 - 17:41:28 EST)
vbscript Cade Cairns (Tue Jan 07 2003 - 13:11:20 EST)
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Sverre H. Huseby (Sat Jan 04 2003 - 17:15:34 EST)
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Jeff Williams (at) Aspect (Fri Jan 03 2003 - 14:01:43 EST)
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett (Fri Jan 03 2003 - 12:01:39 EST)
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Dave Aitel (Fri Jan 03 2003 - 11:16:50 EST)
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett (Fri Jan 03 2003 - 11:01:20 EST)

115 messages sort by: [ author ] [ date ] [ subject ] [ attachment ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:55 EDT