The Web Security Mailing List (2007 November)

• Date Index

• [WEB SECURITY] SQL injection question, Luis Matus
  • Re: [WEB SECURITY] SQL injection question, Zapotek
  • RE: [WEB SECURITY] SQL injection question, Truxaw, Matthew
• [WEB SECURITY] Http splitting does not work with mod_proxy, Gleb Paharenko
• [WEB SECURITY] crossdomain.xml for flash applications, Truxaw, Matthew
  • Re: [WEB SECURITY] crossdomain.xml for flash applications, Matthias
  • Re: [WEB SECURITY] crossdomain.xml for flash applications, fukami
• [WEB SECURITY] Some Comments on PayPal's Security Vulnerability Disclosure Policy, Andy Steingruebl
• [WEB SECURITY] Query : How we can test SSH security issue manually, surendra . kumar
• [WEB SECURITY] ExploitMe Series, Bhalla, Nishchal
• [WEB SECURITY] OWASP Israel Conference 2007, Dec 3rd 2007, Ofer Shezaf
• [WEB SECURITY] Reflected XSS attacks, Vishal Garg
  • <Possible follow-ups>
  • Re: [WEB SECURITY] Reflected XSS attacks, Daniel Papasian
  • Re: [WEB SECURITY] Reflected XSS attacks, Vishal Garg
  • Re: [WEB SECURITY] Reflected XSS attacks, Jeff Robertson
  • Re: [WEB SECURITY] Reflected XSS attacks, Stefan Esser
• [WEB SECURITY] FIS [File Inclusion Scanner] v0.2, Zapotek
• [WEB SECURITY] (Announce) Jasypt 1.4 released: encrypt your configuration files, Daniel Fernández Garrido
• [WEB SECURITY] risks of hosting js files on CDN?, Joe White
  • RE: [WEB SECURITY] risks of hosting js files on CDN?, Eric Rachner
  • Re: [WEB SECURITY] risks of hosting js files on CDN?, Daniel Papasian
  • Re: [WEB SECURITY] risks of hosting js files on CDN?, Sam Quigley
    • RE: [WEB SECURITY] risks of hosting js files on CDN?, Summers, John
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Jeremiah Grossman
      • RE: [WEB SECURITY] risks of hosting js files on CDN?, Eric Rachner
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Jeremiah Grossman
      • RE: [WEB SECURITY] risks of hosting js files on CDN?, Eric Rachner
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Jeremiah Grossman
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Gaurav Kumar
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Daniel Papasian
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Peter Conrad
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH
  • Re: [WEB SECURITY] risks of hosting js files on CDN?, Daniel Cuthbert
    • Re: [WEB SECURITY] risks of hosting js files on CDN?, Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH
  • <Possible follow-ups>
  • RE: [WEB SECURITY] risks of hosting js files on CDN?, Tom Stripling
    • Re: [WEB SECURITY] risks of hosting js files on CDN?, Joe White
    • RE: [WEB SECURITY] risks of hosting js files on CDN?, Vincent Archer
      • Re: [WEB SECURITY] risks of hosting js files on CDN?, bugtraq
    • RE: [WEB SECURITY] risks of hosting js files on CDN?, Summers, John
  • RE: [WEB SECURITY] risks of hosting js files on CDN?, Tom Stripling
• [WEB SECURITY] XSS tag inspector, gaz_sec
• [WEB SECURITY] CfP: 1st Intl. Workshop on Security Testing, Alexander Pretschner
• [WEB SECURITY] OWASP ASIA and OWASP-WASC 2007 photos, Wayne Huang
  • Re: [WEB SECURITY] OWASP ASIA and OWASP-WASC 2007 photos, Garrett Gee
    • Re: [WEB SECURITY] OWASP ASIA and OWASP-WASC 2007 photos, Anurag Agarwal
• [WEB SECURITY] Wordpress 2.3 Cross Domain Content Insertion- New vulnerability + exploit - xssworm.com, XSS Worm XSS Security Information Portal
  • [WEB SECURITY] Re: [Full-disclosure] Wordpress 2.3 Cross Domain Content Insertion- New vulnerability + exploit - xssworm.com, Andrew Farmer
  • [WEB SECURITY] Re: [Full-disclosure] Wordpress 2.3 Cross Domain Content Insertion- New vulnerability + exploit - xssworm.com, dave-san
• [WEB SECURITY] Nikto 2 released, Sullo
• [WEB SECURITY] Cart32 GetImage arbitrary file download vulnerability, Ryan Barnett
• [WEB SECURITY] Web Application Load and Stress Testing, ανδΗ
  • Re: [WEB SECURITY] Web Application Load and Stress Testing, Andre Gironda
  • Re: [WEB SECURITY] Web Application Load and Stress Testing, Stephen de Vries
• [WEB SECURITY] Hardware problems, robert
• [WEB SECURITY] XSS server side, Omid Tavakoli
  • RE: [WEB SECURITY] XSS server side, Eric Rachner
• [WEB SECURITY] DNS Rebinding (or anti DNS pinning) - it's not just about the Intranet, Amit Klein
  • RE: [WEB SECURITY] DNS Rebinding (or anti DNS pinning) - it's not just about the Intranet, Hoffman, Billy
  • <Possible follow-ups>
  • Re: [WEB SECURITY] DNS Rebinding (or anti DNS pinning) - it's not just about the Intranet, David Byrne
• [WEB SECURITY] Announcement : CCWAPSS methodology release 1.1, Frederic Charpentier
• [WEB SECURITY] Reporting XSS, Growker
  • RE: [WEB SECURITY] Reporting XSS, Eric Rachner
  • Re: [WEB SECURITY] Reporting XSS, Josh Amishav-Zlatin
• [WEB SECURITY] Performance to Network response time, ανδΗ
• [WEB SECURITY] Hackvertor update, gaz_sec
• [WEB SECURITY] Call for Papers: OWASP Australia (Asia Pacific) Security Conference 2008, Justin Derry
• [WEB SECURITY] Seeking questions for Panel discussion on website vulnerability disclosure during OWASP-WASC AppSec Conference on Nov 15, Anurag Agarwal
  • RE: [WEB SECURITY] Seeking questions for Panel discussion on website vulnerability disclosure during OWASP-WASC AppSec Conference on Nov 15, Eric Rachner
• [WEB SECURITY] [Tool] sqlmap: a blind SQL injection tool (release 0.5), Bernardo Damele
• [WEB SECURITY] JS parsing in 3xx HTTP responses?, Andy Steingruebl
  • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Amit Klein
  • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Jeremiah Grossman
    • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Åukasz Pilorz
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Andy Steingruebl
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Amit Klein
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Andy Steingruebl
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Amit Klein
      • RE: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Hoffman, Billy
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Arian J. Evans
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Amit Klein
      • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Łukasz Pilorz
  • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, kuza55
    • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Arian J. Evans
  • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Arian J. Evans
  • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Achim Hoffmann
    • Re: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Amit Klein
      • RE: [WEB SECURITY] JS parsing in 3xx HTTP responses?, Hoffman, Billy
• [WEB SECURITY] WASC meetup on Nov 8 in San Jose, Anurag Agarwal