Full Disclosure mailing list archives

Re: SSL VPNs and security

From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Fri, 9 Jun 2006 08:31:51 +0200 (CEST)

On Fri, 9 Jun 2006, E Mintz wrote:

How about some real-world, application specific exploits?


There's an example of a XSS that can be used to compromise Cisco Web VPN
session in the text.

So, please show me an example of an actual compromise and I'll listen.
Otherwise, put up, or shut up!


You're not strictly required to listen, you know ;)

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

SSL VPNs and security Michal Zalewski (Jun 08)
- Message not available
  - Re: SSL VPNs and security Michal Zalewski (Jun 08)
    - Re: SSL VPNs and security E Mintz (Jun 09)
- Message not available
  - Re: SSL VPNs and security E Mintz (Jun 09)
- Re: SSL VPNs and security Tim (Jun 09)
  - Re: SSL VPNs and security Brian Eaton (Jun 09)
    - Re: SSL VPNs and security Tim (Jun 09)
    - Re: SSL VPNs and security Q-Ball (Jun 12)
    - Re: SSL VPNs and security Ray P (Jun 13)
    - Re: SSL VPNs and security Q-Ball (Jun 13)
  - Re: SSL VPNs and security Michael Holstein (Jun 09)
    - Re: SSL VPNs and security Tim (Jun 09)

(Thread continues...)