[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Google Sacure (A. Jodoin)

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Google Sacure (A. Jodoin)
From: alexandre jodoin <jodoin_alexandre@xxxxxxxxxxx>
Date: Fri, 26 Oct 2007 10:01:15 -0400

>> How can security companies protect us if they can't even configure their 
>> shit right?
 
More on that :
>From their "Pen Test Whitepaper" on http://www.sacure.com/index.php
"The Web-based authentication is exploited by using XSS (cross-site shipping) 
or SLQ injection or MITM (Man-in-the-Middle) attacks."
 
WTF is cross-site shipping ???
:)
_________________________________________________________________
Are you ready for Windows Live Messenger Beta 8.5 ? Get the latest for free 
today!
http://entertainment.sympatico.msn.ca/WindowsLiveMessenger

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Google Sacure (A. Jodoin)
  - From: Michael Holstein

Prev by Date: Re: [Full-disclosure] TCP Hijacking (aka Man-in-the-Middle)
Next by Date: Re: [Full-disclosure] Using GPUs to crack hashes
Previous by thread: [Full-disclosure] FLEA-2007-0060-1 initscripts
Next by thread: Re: [Full-disclosure] Google Sacure (A. Jodoin)
Index(es):
- Date
- Thread