Re: RE: Informing Companies about security vulnerabilities...

From: stillnone@none.com
Date: Thu Oct 05 2006 - 17:13:17 EDT


"What in the world are you talking about? If you read his email, he said that he was doing XSS and SQL injections on someone else's web site. In order for him to say that the SQL attack worked, he would have to see some data."

--When you get the script alert testing XSS, is that seeing private data? If you get an SQL error code, is that seeing private data? I don't think you know what the heck you are talking about.


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:07 EDT