The Web Security Mailing List (2007 March)

Date Index

[WEB SECURITY] Digg Delicious Technorati & Netscape XSS (worm?), mybeni websecurity
[WEB SECURITY] Global Space Exploitation In PHP Based Web Applications, Aditya K Sood
- [WEB SECURITY] Re: [Full-disclosure] Global Space Exploitation In PHP Based Web Applications, Michal Zalewski
  - Re: [WEB SECURITY] Re: [Full-disclosure] Global Space Exploitation In PHP Based Web Applications, Aditya K Sood
[WEB SECURITY] Reflection on Jeff Williams, anurag . agarwal
[WEB SECURITY] Preventing Cross-site Request Forgeries, pdp (architect)
- RE: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Chris Weber
  - RE: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Michael Sutton
    - RE: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Chris Weber
  - Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Arian J. Evans
    - Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], pdp (architect)
    - [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Jim Manico
    - [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], pdp (architect)
    - [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Jim Manico
[WEB SECURITY] HTTP authentication without a 401 response?, Marc-André Laverdière
- Re: [WEB SECURITY] HTTP authentication without a 401 response?, Brian Eaton
- Re: [WEB SECURITY] HTTP authentication without a 401 response?, Andy Steingruebl
[WEB SECURITY] Using XUL to spoof a firefox window, bugtraq
- Re: [WEB SECURITY] Using XUL to spoof a firefox window, Michal Zalewski
[WEB SECURITY] Java 2 Security Standards, Larry Pingree
- [WEB SECURITY] Re: [Webappsec] Java 2 Security Standards, Daniel Fernández Garrido
  - [WEB SECURITY] RE: [Webappsec] Java 2 Security Standards, Larry Pingree
    - Re: [WEB SECURITY] RE: [Webappsec] Java 2 Security Standards, Stephen de Vries
    - [WEB SECURITY] RE: [Webappsec] Java 2 Security Standards, Jeff Williams
- [WEB SECURITY] Re: [Webappsec] Java 2 Security Standards, Daniel Fernández Garrido
- Re: [WEB SECURITY] Java 2 Security Standards, Brian Eaton
[WEB SECURITY] Fix Update: Disable Google Desktop Link Integration with IE & FireFox, Debasis Mohanty
[WEB SECURITY] Reflection on robert auger, anurag . agarwal
[WEB SECURITY] End Points Malfeasance, Aditya K Sood
[WEB SECURITY] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
- [WEB SECURITY] Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Amit Klein
  - [WEB SECURITY] Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
    - [WEB SECURITY] Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Amit Klein
    - [WEB SECURITY] Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
[WEB SECURITY] Malicioius JavaScript - AV Signatures, James Kist
[WEB SECURITY] IntraProgrammed Search Engines Are XSS Driven, Aditya K Sood
[WEB SECURITY] ZombieMap - GEO Zombie Mapper, pdp (architect)
[WEB SECURITY] [Web Security] Double Trap XSS Injections., Aditya K Sood
- Re: [WEB SECURITY] [Web Security] Double Trap XSS Injections., Michal Zalewski
  - Re: [WEB SECURITY] [Web Security] Double Trap XSS Injections., Aditya K Sood
[WEB SECURITY] Web Security Regression Testing, Andy Steingruebl
- Re: [WEB SECURITY] Web Security Regression Testing, bugtraq
- [WEB SECURITY] Re: [Webappsec] Web Security Regression Testing, Stephen de Vries
- Re: [WEB SECURITY] Web Security Regression Testing, Ryan Barnett
[WEB SECURITY] Training choice, David Felio
- Re: [WEB SECURITY] Training choice, Andrew van der Stock
- Re: [WEB SECURITY] Training choice, Steve Slater
  - Re: [WEB SECURITY] Training choice, Ryan Barnett
[WEB SECURITY] ANNOUNCING: 6th OWASP AppSec Conference - May 15-17 2007 - Milan, Italy, Dave Wichers
[WEB SECURITY] Web Security and Bookmarklet Exploits, pdp (architect)
[WEB SECURITY] Reflection on Billy Hoffman, anurag . agarwal
[WEB SECURITY] OWASP Spring of Code 2007, Dinis Cruz
[WEB SECURITY] htaccess Protection - Apache, Greenarrow 1
- Re: [WEB SECURITY] htaccess Protection - Apache, Matthieu Estrade
- Re: [WEB SECURITY] htaccess Protection - Apache, RSnake
[WEB SECURITY] GMail Contact Information Disclosure PoC, beNi
- RE: [WEB SECURITY] GMail Contact Information Disclosure PoC, chris
  - RE: [WEB SECURITY] GMail Contact Information Disclosure PoC, Dror Shalev
[WEB SECURITY] Hack, pump and dump, James Kist
- Re: [WEB SECURITY] Hack, pump and dump, John Terrill
[WEB SECURITY] Security Scanner, Luis Masut
- Re: [WEB SECURITY] Security Scanner, naka
  - Re: [WEB SECURITY] Security Scanner, bugtraq
    - Re: [WEB SECURITY] Security Scanner, James Landis
    - Re: [WEB SECURITY] Security Scanner, foo
- Re: [WEB SECURITY] Security Scanner, Rodrigo Montoro (Sp0oKeR)
- <Possible follow-ups>
- Re: [WEB SECURITY] Security Scanner, Steve Orrin
- Re: [WEB SECURITY] Security Scanner, Anurag Agarwal
  - Re: [WEB SECURITY] Security Scanner, Thiago Zaninotti
    - Re: [WEB SECURITY] Security Scanner, Prasad Shenoy
  - Re: [WEB SECURITY] Security Scanner, Arian J. Evans
    - Re: [WEB SECURITY] Security Scanner, Dinis Cruz
- RE: [WEB SECURITY] Security Scanner, TUSHAR VARTAK /ISG/INFOTECH/BKC
[WEB SECURITY] new AttackAPI, pdp (architect)
[WEB SECURITY] WASC Threat Classification Project - Call for Participants, robert
RE: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0, Kasey Cross
- Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0, bugtraq
[WEB SECURITY] This week : Reflection on Sheeraj Shah, Anurag Agarwal
[WEB SECURITY] SyScan'07 - Call for Paper - NEW UPDATES, organiser@xxxxxxxxxx
[WEB SECURITY] Good resources on Web 2.0, Justin Boem
- [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0, Michael Silk
  - [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0, crazy frog crazy frog
    - Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0, Dinis Cruz
[WEB SECURITY] PHP import_request_variables() vs extract(), ascii
[WEB SECURITY] PHP import_request_variables() arbitrary variable overwrite, Stefano Di Paola
Re: [WEB SECURITY] Announcement: The Cross-site Request Forgery FAQ, James Landis
[WEB SECURITY] Attack Tree, Ankur Jindal
- Re: [WEB SECURITY] Attack Tree, foo
  - Re: [WEB SECURITY] Attack Tree, Dinis Cruz
    - Re: [WEB SECURITY] Attack Tree, Ankur Jindal
    - Re: [WEB SECURITY] Attack Tree, Dinis Cruz
    - RE: [WEB SECURITY] Attack Tree, Chris Weber
    - Re: [WEB SECURITY] Attack Tree, list
    - Re: [WEB SECURITY] Attack Tree, Dinis Cruz
    - Re: [WEB SECURITY] Attack Tree, Ankur Jindal
[WEB SECURITY] Wordpress website hacked, wordpress backdoored, bugtraq
- Re: [WEB SECURITY] Wordpress website hacked, wordpress backdoored, Dinis Cruz
  - Re: [WEB SECURITY] Wordpress website hacked, wordpress backdoored, bugtraq
[WEB SECURITY] get ip with javascript, Luis Masut
- Re: [WEB SECURITY] get ip with javascript, Christopher Paggen
  - RE: [WEB SECURITY] get ip with javascript, Martin O'Neal
  - Message not available
    - Re: [WEB SECURITY] get ip with javascript, Christopher Paggen
    - RE: [WEB SECURITY] get ip with javascript, Martin O'Neal
- Re: [WEB SECURITY] get ip with javascript, pdp (architect)
  - RE: [WEB SECURITY] get ip with javascript, Danny Allan
[WEB SECURITY] sql error, Luis Masut
- <Possible follow-ups>
- RE: [WEB SECURITY] sql error, steve jensen
[WEB SECURITY] break java script, Luis Masut
- Re: [WEB SECURITY] break java script, beNi
- <Possible follow-ups>
- RE: [WEB SECURITY] break java script, steve jensen
[WEB SECURITY] Virtual PIN pad code samples, Greg Elkins
- Re: [WEB SECURITY] Virtual PIN pad code samples, Walt Williams
- Re: [WEB SECURITY] Virtual PIN pad code samples, John Terrill
- <Possible follow-ups>
- Re: [WEB SECURITY] Virtual PIN pad code samples, Colin Watson
- Re: [WEB SECURITY] Virtual PIN pad code samples, Mike Shema
[WEB SECURITY] Reflection on Ivan Ristic, Anurag Agarwal
YNT: [WEB SECURITY] A Secure CMS?, mulker
- Message not available
  - Re: YNT: [WEB SECURITY] A Secure CMS?, Jim Morgan

Brought to you by http://www.webappsec.org
Search this site