The Web Security Mailing List (2007 April)

• Thread Index

• RE: [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: Arian J. Evans
• [WEB SECURITY] From Old Bucket To New : Clobbering Of Global Variables
  • From: Aditya K Sood
• Re: [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: Brian Eaton
• Re: [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: Stephen de Vries
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: Jim Manico
• [WEB SECURITY] Jikto in the wild
  • From: Billy Hoffman
• Re: [WEB SECURITY] Jikto in the wild
  • From: pdp (architect)
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: Arian J. Evans
• RE: [WEB SECURITY] Jikto in the wild
  • From: Billy Hoffman
• [WEB SECURITY] Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5]
  • From: Aditya K Sood
• [WEB SECURITY] HDIV (Http Data Integrity Validator) 1.1 Released
  • From: roberto
• [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
  • From: pdp (architect)
• Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
  • From: Daniel Veditz
• [WEB SECURITY] CYBSEC Release: SAP Security - Paper & Tool release
  • From: Mariano Nuñez Di Croce
• [WEB SECURITY] Any opinions of the effectiveness of Binary Static Analysis?
  • From: John Johnson
• [WEB SECURITY] Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
  • From: Thor Larholm
• [WEB SECURITY] Reflection chris shiflett
  • From: anurag . agarwal
• Re: [WEB SECURITY] Preventing Cross-site Request Forgeries
  • From: christ1an
• RE: [WEB SECURITY] Any opinions of the effectiveness of Binary Static Analysis?
  • From: Debasis Mohanty
• Re: [WEB SECURITY] Any opinions of the effectiveness of Binary Static Analysis?
  • From: Benjamin Livshits
• [WEB SECURITY] WASC Meet-Up (Sunnyvale, Ca.) April 18, 2007 @ 6pm
  • From: Jeremiah Grossman
• [WEB SECURITY] WASC Announcement: Web Application Security Statistics Project - Data Published
  • From: contact
• [WEB SECURITY] Jasypt 1.2 (Java Simplified Encryption) enhances Hibernate support
  • From: Daniel Fernández Garrido
• [WEB SECURITY] Application Layer Anti-virus/Firewall
  • From: pdp (architect)
• [WEB SECURITY] Experience with Jascrypt?
  • From: Mr Zebedee
• [WEB SECURITY] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.
  • From: Aditya K Sood
• [WEB SECURITY] WASC-Articles: 'The Importance of Application Classification in Secure Application Development'
  • From: contact
• [WEB SECURITY] reflection on Ory segal
  • From: Anurag Agarwal
• [WEB SECURITY] Persistent CSRF and The Hotlink Hell
  • From: pdp (architect)
• Re: [WEB SECURITY] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.
  • From: Jeff Forristal
• Re: [WEB SECURITY] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.
  • From: Aditya K Sood
• RE: [WEB SECURITY] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.
  • From: Jeff Forristal
• Re: [WEB SECURITY] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.
  • From: Aditya K Sood
• Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell
  • From: Ryan Barnett
• [WEB SECURITY] Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell
  • From: Blue Boar
• [WEB SECURITY] Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks
  • From: announce
• [WEB SECURITY] SensePost Aura - aka Solving the Google API Key Problem..
  • From: Haroon Meer
• [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Arian J. Evans
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Arian J. Evans
• [WEB SECURITY] RE: [Webappsec] Tacking A Difficult Problem - Solutions
  • From: Bob Fish
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - MS output encoding library
  • From: Arian J. Evans
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Arian J. Evans
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: James Landis
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Arian J. Evans
• Re: [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Arian J. Evans
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting
  • From: Amit Klein
• [WEB SECURITY] WASC-Articles: 'The business case for security frameworks'
  • From: announcements
• [WEB SECURITY] Reflection on Nish Bhalla
  • From: Anurag Agarwal
• [WEB SECURITY] WASC Meetup - April 18 - pictures uploaded
  • From: Anurag Agarwal
• [WEB SECURITY] Captcha and animated captcha
  • From: Lebeau Frederic
• RE: [WEB SECURITY] Captcha and animated captcha
  • From: Ory Segal
• RE: [WEB SECURITY] Captcha and animated captcha
  • From: Chris Weber
• Re: [WEB SECURITY] Captcha and animated captcha
  • From: christ1an
• [WEB SECURITY] script inside .txt file
  • From: prashant k v
• Re: [WEB SECURITY] script inside .txt file
  • From: Ajay Pal Singh Atwal
• Re: [WEB SECURITY] script inside .txt file
  • From: Kurt Grutzmacher
• [WEB SECURITY] Re: [Webappsec] script inside .txt file
  • From: Josh Zlatin-Amishav
• RE: [WEB SECURITY] script inside .txt file
  • From: Ory Segal
• [WEB SECURITY] Re: [Webappsec] script inside .txt file
  • From: Amiran Alavidze
• [WEB SECURITY] Re: [Webappsec] script inside .txt file
  • From: Lee Lawson
• [WEB SECURITY] Re: [Webappsec] script inside .txt file
  • From: Stefano Di Paola
• Re: [WEB SECURITY] script inside .txt file
  • From: christ1an
• Re: [WEB SECURITY] Captcha and animated captcha
  • From: Stephen de Vries
• Re: [WEB SECURITY] script inside .txt file
  • From: Wladimir Palant
• [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Stefano Di Paola
• [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Arian J. Evans
• Re: [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] Tacking A Difficult Problem - Solutions
  • From: Amit Klein
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Andy Steingruebl
• RE: [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Ory Segal
• Re: [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Stefano Di Paola
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Stefano Di Paola
• RE: [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: chris
• Re: [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Arian J. Evans
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Arian J. Evans
• Re: [WEB SECURITY] script inside .txt file
  • From: Bubba Gump
• Re: [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Bubba Gump
• Re: [WEB SECURITY] Re: Tacking A Difficult Problem - Solutions
  • From: Arian J. Evans
• Re: [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Chris Hofmann
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
  • From: Andy Steingruebl
• RE: [WEB SECURITY] Captcha and animated captcha
  • From: Billy Hoffman
• RE: [WEB SECURITY] script inside .txt file
  • From: Billy Hoffman
• [WEB SECURITY] Re: [Webappsec] [WEB SECURITY] script inside .txt file
  • From: James Landis
• RE: [WEB SECURITY] Captcha and animated captcha
  • From: Chris Weber
• Re: [WEB SECURITY] script inside .txt file
  • From: Brian Eaton
• [WEB SECURITY] Tackling A Difficult Problem - Proposed Solution
  • From: Bubba Gump
• RE: [WEB SECURITY] Captcha and animated captcha
  • From: Marian Ion
• [WEB SECURITY] MITM (man in the middle)
  • From: lebeau
• Re: [WEB SECURITY] MITM (man in the middle)
  • From: John Terrill
• Re: [WEB SECURITY] MITM (man in the middle)
  • From: Prasad Shenoy
• Re: [WEB SECURITY] MITM (man in the middle)
  • From: Nick Owen
• RE: [WEB SECURITY] MITM (man in the middle)
  • From: frederic.lebeau
• Re: [WEB SECURITY] MITM (man in the middle)
  • From: Thierry Zoller
• RE: [WEB SECURITY] MITM (man in the middle)
  • From: John Terrill
• [WEB SECURITY] Reflection on Andrew Van der Stock
  • From: Anurag Agarwal
• [WEB SECURITY] suggesting passwords to users
  • From: Brian Eaton
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Anurag Agarwal
• Re: [WEB SECURITY] suggesting passwords to users
  • From: James Landis
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Wladimir Palant
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Anurag Agarwal
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Mike Shema
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Wladimir Palant
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Albert Lunde
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Mike Shema
• Re: [WEB SECURITY] suggesting passwords to users
  • From: Brian Eaton