security.web-applications (date)

security.web-applications (date)

December 31, 2002

RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Christopher Todd
RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Michael Howard
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Jeff Williams @ Aspect
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Kevin Spett

December 30, 2002

Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Dave Aitel
Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Kevin Spett
JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection, Christopher Todd

December 23, 2002

Re: securing web based game, Tim Aranki
Re: securing web based game, Tomas
Re: securing web based game, Adam [ckkl]

December 22, 2002

Re: securing web based game, Adrian Wiesmann
Re: securing web based game, Adam [ckkl]
Mangle available for download, Dawes, Rogan (ZA - Johannesburg)
securing web based game, Tomas

December 20, 2002

Re: post to bugtraq about "session fixation", H D Moore
Re: SUMMARY modify non-persistent cookies and more q's, Chris Wysopal
Merry Christmas and a Happy New Year., Mark Curphey
Re: post to bugtraq about "session fixation", Cesar
Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications, Craig_Sullivan

December 19, 2002

Re: encoder, Kevin Spett
Re: post to bugtraq about "session fixation", Steven M. Christey
encoder, N30
Re: Security Paper: Session Fixation Vulnerability in Web-based Applications, Bill Pennington
Re: XSS, Sverre H. Huseby
Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications, Sverre H. Huseby
Re: SUMMARY modify non-persistent cookies and more q's, Kevin Spett
Re: SUMMARY modify non-persistent cookies and more q's, Dave Aitel
RE: SUMMARY modify non-persistent cookies and more q's, Dawes, Rogan (ZA - Johannesburg)
SUMMARY modify non-persistent cookies and more q's, mono toy
Re: modify non-persistent cookies, Choong-Fook Fong

December 18, 2002

Re: post to bugtraq about "session fixation", Alex Russell
Re: post to bugtraq about "session fixation", Kevin Spett
Re: post to bugtraq about "session fixation", Panayiotis A. Thermos
Re: post to bugtraq about "session fixation", securityarchitect
post to bugtraq about "session fixation", Alex Russell
Re: modify non-persistent cookies, Kevin Spett
Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications, Mark Curphey
RE: modify non-persistent cookies, Uzi Refaeli
Re: modify non-persistent cookies, zeno
Re: modify non-persistent cookies, Mr. Rufus Faloofus

December 17, 2002

Re: modify non-persistent cookies, Charles Miller
Re: modify non-persistent cookies, securityarchitect
RE: modify non-persistent cookies, Venkat, Sanjay
RE: modify non-persistent cookies, Chris Neppes
Re: modify non-persistent cookies, MICHAEL GERMONY
RE: modify non-persistent cookies, Glyn
Re: modify non-persistent cookies, Peter Conrad
Re: XSS and URL Encoded Session IDs, Matthew Miller
Re: XSS and URL Encoded Session IDs, Ryan Yagatich
RE: XSS and URL Encoded Session IDs, The Crocodile
modify non-persistent cookies, mono toy
RE: Multiple vendors XML parser (and SOAP/WebServices server) Den ial of Service attack using DTD, Amit Klein

December 16, 2002

Re: Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Gregory Steuck
XSS and URL Encoded Session IDs, B F
Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Amit Klein
Re: XSS Strings, Tomas
RE: XSS Strings, Glyn
Re: XSS Strings, Jeroen Latour
Re: XSS Strings, Martin Eiszner
XSS Strings, securityarchitect
Re: XSS, HarryM
Re: XSS, appsec

December 13, 2002

RE: forbidden functions on client-side scripts, Thor Larholm
Re: forbidden functions on client-side scripts, Alonso Robles

December 12, 2002

Web Application Analysis Tools?, David Simcik
Re: Web Application Analysis Tools?, Kevin Spett
RE: Web Application Analysis Tools?, Lars Troen
Java validaton article, Andrew Jaquith
Re: Web Application Analysis Tools?, Jeff Williams @ Aspect
Re: Web Application Analysis Tools?, Martin Eiszner
Re: Web Application Analysis Tools?, Kevin Spett
Fast MD5 cracker program?, Çağıl Şeker
VisNetic WebSite XSS vulnerability through HTTP referer header, Ory Segal
RE: forbidden functions on client-side scripts, Uzi Refaeli
Re: XSS, Matthew Miller

December 11, 2002

Re: XSS, Ed Tracy @ Aspect Security
forbidden functions on client-side scripts, Shimon Silberschlag
Re: XSS, Jeff Williams @ Aspect
ENC: W3C XML encryption specs approved, Mads Rasmussen
Re: XSS, Matthew Miller
Re: XSS, Stephen de Vries
Re: Web single sign-on, Andrew Chong

December 10, 2002

Re: XSS, Kevin Spett
Re: XSS, zeno
RE: XSS, Brett Moore
Re: JSP Security - Limiting URL's, mlh
Re: XSS, Kevin Spett
RE: Sequence Identification Routines?, securityarchitect
Re: Apache module: mod_security, Gabe Lawrence
Re: Apache module: mod_security, zeno
RE: XSS, David Endler
Re: XSS, zeno
Re: XSS, John Madden
Re: Apache module: mod_security, Ivan Ristic
FW: Web single sign-on, johneder
Re: Web single sign-on, Greg Gagnon
RE: XSS, Ernesto Funes
Re: Apache module: mod_security, Klaus Doerrscheidt
RE: Sequence Identification Routines?, Dawes, Rogan (ZA - Johannesburg)
Re: Apache module: mod_security, Ivan Ristic
Re: Apache module: mod_security, Bill Burge
RE: XSS, Eyal Udassin
Re: XSS, zeno
Re: JSP Security - Limiting URL's, Jeremy Poteet
Re: JSP Security - Limiting URL's, Steve Posick
Re: Apache module: mod_security, Dave Aitel
Re: JSP Security - Limiting URL's, Andrew Jaquith
XSS, John Madden
Apache module: mod_security, Ivan Ristic
Re: JSP Security - Limiting URL's, Jeff Williams @ Aspect

December 09, 2002

JSP Security - Limiting URL's, securityarchitect
RE: Web single sign-on, securityarchitect
Re: Sequence Identification Routines?, maddany
RE: Web single sign-on, Sarbjit Singh Gill
Re: Web single sign-on, wbjw
RE: Web single sign-on, Simon Cunningham
RE: Sequence Identification Routines?, Tony Welsh
Re: Web single sign-on, securityarchitect
Re: Sequence Identification Routines?, Jeff Williams @ Aspect
Web single sign-on, Marty
Re: Sequence Identification Routines?, Charlie Root
RE: Computer world article highlighting the importance of webapps ec, St. Clair, James
Re: Great XML Security Primer, Javier Fernández-Sanguino Peña
Sequence Identification Routines?, Nick Jacobsen
RE: IIS session cookies, Kapila, Sai

December 08, 2002

RE: IIS session cookies, Forrest Lee Andrews
OWASP Guide Version 2 - New Authors Wanted, Mark Curphey
Re: IIS session cookies, securityarchitect
Computer world article highliting the importance of webappsec, Keith T. Morgan
Re: IIS session cookies, Takayuki Nakamura
Re: IIS session cookies, Cade Cairns

December 06, 2002

Re: IIS session cookies, Kevin Spett
RE: IIS session cookies, Michael Howard
Re: IIS session cookies, Kevin Spett

December 05, 2002

IIS session cookies, Cade Cairns
Re: Hijacking URL Encoded Session IDs using Referer Logs, UDP 53
Re: Can I obtain BASIC AUTH credentials using an XSS vulnerbility, Jill Tovey

December 04, 2002

Re: Top Ten Web App Sec Problems, Steven M. Christey
RE: WebAppSec Training Courses in UK, Craig_Sullivan
RE: WebAppSec Training Courses in UK, securityarchitect
Re: Top Ten Web App Sec Problems, Jeff Williams @ Aspect
RE: WebAppSec Training Courses in UK, Craig_Sullivan
RE: WebAppSec Training Courses in UK, Glyn
Re: WebAppSec Training Courses in UK, Jeff Williams @ Aspect
RE: Top Ten Web App Sec Problems, b0iler _
Re: WebAppSec Training Courses in UK, Kevin Spett
Re: WebAppSec Training Courses in UK, Jeff Williams @ Aspect

December 03, 2002

Re: WebAppSec Training Courses in UK, Kevin Spett
RE: Top Ten Web App Sec Problems, Richard M. Smith
RE: Top Ten Web App Sec Problems, Steven M. Christey
RE: WebAppSec Training Courses in UK, securityarchitect
Re: OpenHack and OWASP Testing Methodology, jcosta
OpenHack and OWASP Testing Methodology, David Endler
RE: Top Ten Web App Sec Problems, Craig, Scott
RE: WebAppSec Training Courses in UK, Glyn Geoghegan
Re: Top Ten Web App Sec Problems, Jeff Williams @ Aspect
Re: Top Ten Web App Sec Problems, Marc Slemko
Re: Top Ten Web App Sec Problems, Alex Russell
Re: Top Ten Web App Sec Problems, Alex Lambert
Re: Top Ten Web App Sec Problems, Kevin Spett

December 02, 2002

Re: WebAppSec Training Courses in UK, Mark Curphey
Re: Top Ten Web App Sec Problems, Andrew Jaquith
RE: Top Ten Web App Sec Problems, Richard M. Smith
Re: WebAppSec Training Courses in UK, Kevin Spett
Re: WebAppSec Training Courses in UK, Dan Cuthbert
Re: Top Ten Web App Sec Problems, Steven M. Christey
WebAppSec Training Courses in UK, phuc4
Re: Top Ten Web App Sec Problems, Alex Russell
FW: Top Ten Web App Sec Problems, Keith T. Morgan
Can I obtain BASIC AUTH credentials using an XSS vulnerbility, frank fish

December 01, 2002

Great XML Security Primer, Mark Curphey
Re: Top Ten Web App Sec Problems, bt

News | FAQ | advertise