[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Am I missing anything ?

To: Deeþàn Chakravarthÿ <codeshepherd@xxxxxxxxx>
Subject: Re: [Full-disclosure] Am I missing anything ?
From: Sebastian Krahmer <krahmer@xxxxxxx>
Date: Tue, 24 Jul 2007 09:40:18 +0200 (CEST)

On Tue, 24 Jul 2007, Deeþàn Chakravarthÿ wrote:

Hi,

Yes.
Do not forget to mention that Security 2.0 is only half of the truth.
Folks tends to buy protections against any kind of Cross Brain Smashing 
(CBS) or Anti-Anti-Anti Think Pinning (AAATP) and used to let their 
X and telnet servers open.

l8er,
Sebastian

> Hi All,
>    Just wondered if I am missing anything important. Am planning to give 
> talk on web security.
> Is there any other technique other than the following I have to speak 
> about ?
> 
> 1)XSS
> 2)CSRF
> 3)SQL Injection
> 4)AJAX/JSON hijacking
> 5)HTTP response splitting
> 6)RFI
> 7)CRLF
> 8)MITM
> 
> Thanks
> Deepan
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

-- 
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@xxxxxxx - SuSE Security Team
~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Am I missing anything ?
  - From: Deeþàn Chakravarthÿ

Prev by Date: [Full-disclosure] [SECURITY] [DSA 1340-1] New ClamAV packages fix denial of service
Next by Date: [Full-disclosure] On the vulnerabilities of web services
Previous by thread: Re: [Full-disclosure] Am I missing anything ?
Next by thread: Re: [Full-disclosure] Am I missing anything ?
Index(es):
- Date
- Thread