Full Disclosure mailing list archives
Re: Am I missing anything ?
From: "Steven Adair" <steven () securityzone org>
Date: Mon, 23 Jul 2007 14:34:27 -0400 (EDT)
Just a few additions/ideas: You have RFI but not LFI.. so add that. I'd also say general input validations as some other mentioned. This ties into your XSS (persistent or otherwise) and some of your other issues like injecting code/iframes/xss etc into forums and so on. Also as mentioned a big on is sessions and user privilege management. If sessions are predictable or don't expire (think the Orkut posts recently) this can be problems. Also, there are additional things you can look for like tieing a session to IP address or checking things that are passed by the browser. This would include HTTP REFER/REFERRER which can also be a security issue if relied on too heavily. On the user management side, checking things like elevating privileges and what not are big issues. Or verifying a user can make a certain action like changing passwords for their account only etc. Look for weak methods of password reseting. This can be a DoS to users or it can be predictable resulting in account compromise. Also, username enumeration due to poorly implemented features like this as well at login/password reset prompts. A few other things come to mind but I think what you've got plus all these responses should be more than enough to bore/excite an audience with. :) Steven securityzone.org
Hi All, Just wondered if I am missing anything important. Am planning to give talk on web security. Is there any other technique other than the following I have to speak about ? 1)XSS 2)CSRF 3)SQL Injection 4)AJAX/JSON hijacking 5)HTTP response splitting 6)RFI 7)CRLF 8)MITM Thanks Deepan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Am I missing anything ? Deeþàn Chakravarthÿ (Jul 23)
- Re: Am I missing anything ? Stack Smasher (Jul 23)
- Re: Am I missing anything ? Trancer (Jul 23)
- Re: Am I missing anything ? Valdis . Kletnieks (Jul 23)
- Re: Am I missing anything ? J. Patterson Wicks (Jul 23)
- Re: Am I missing anything ? Carl Livitt (Jul 23)
- Re: Am I missing anything ? Steven Adair (Jul 23)
- Re: Am I missing anything ? bugtraq (Jul 23)
- Re: [WEB SECURITY] Am I missing anything ? kwestin (Jul 23)
- Re: Am I missing anything ? Simon Smith (Jul 23)
- Re: Am I missing anything ? Sebastian Krahmer (Jul 24)
- <Possible follow-ups>
- Re: Am I missing anything ? David Byrne (Jul 23)
- Re: Am I missing anything ? Joey Mengele (Jul 23)
- Re: Am I missing anything ? Simon Smith (Jul 23)
- Re: Am I missing anything ? Joey Mengele (Jul 23)
- Re: Am I missing anything ? Simon Smith (Jul 23)
- Re: Am I missing anything ? Joey Mengele (Jul 23)
(Thread continues...)