Firewall Wizards mailing list archives
Re: Web Site Hacks
From: Steve Gibbons <steve () wyrm AZTech Net>
Date: Thu, 04 Dec 97 23:12:55 -0700
Hmm, Java/ActiveX are browser-side things too, so they can be used (directly) to hack browsers only, not web sites (although there could be some indirect compromises ;)
The possiblity of indirect compromises has been addressed before (see CA-96.05) For some behind-the-scenes info on the CERT advisory, see: http://www.aztech.net/~steve/java/ Despite picking nits with a particular implementation, I _very_much_ prefer the Java security model compard to MS's. My $0.02... -- Steve
Current thread:
- Web Site Hacks Edward Cracknell (Dec 03)
- Re: Web Site Hacks -= ArkanoiD =- (Dec 03)
- Re: Web Site Hacks -= ArkanoiD =- (Dec 03)
- Re: Web Site Hacks Daniel Garcia (Dec 03)
- Re: Web Site Hacks Nick Drage (Dec 04)
- Re: Web Site Hacks Michael Kyle (Dec 04)
- <Possible follow-ups>
- RE: Web Site Hacks Denis Gordon (Dec 03)
- Re[2]: Web Site Hacks Edward Cracknell (Dec 04)
- Re: Web Site Hacks Bruce B. Platt (Dec 04)
- Re[2]: Web Site Hacks Edward Cracknell (Dec 05)
- Re: Web Site Hacks Steve Gibbons (Dec 05)
- Re: Web Site Hacks Steven Bellovin (Dec 05)
- Re: Web Site Hacks Chad Schieken (Dec 05)
- Re: Web Site Hacks Aleph One (Dec 06)
- Re: Web Site Hacks Chad Schieken (Dec 05)
- Re: Web Site Hacks David Kennedy (Dec 08)
- Re: Web Site Hacks Paul McNabb (Dec 09)
- Re: Web Site Hacks shimons (Dec 11)
- Re: Web Site Hacks Paul McNabb (Dec 11)
- Re: Web Site Hacks Joseph S. D. Yao (Dec 11)