Penetration Testing mailing list archives
Re: RE: Informing Companies about security vulnerabilities...
From: stillnone () none com
Date: 5 Oct 2006 21:13:17 -0000
"What in the world are you talking about? If you read his email, he said that he was doing XXS and SQL injections on someone else's web site. In order for him to say that the SQL attack worked, he would have to see some data." --when you get the script alert testing XSS is that seeing private data? if you get an SQL error code is that seeing private data? i dont think you know what the heck you are talking about. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- RE: Informing Companies about security vulnerabilities..., (continued)
- RE: Informing Companies about security vulnerabilities... Levenglick, Jeff (Oct 05)
- RE: (illegal?) Informing Companies about security vulnerabilities... Arian J. Evans (Oct 05)
- Re: (illegal?) Informing Companies about security vulnerabilities... Nathan Keltner (Oct 06)
- RE: (illegal?) Informing Companies about security vulnerabilities... Arian J. Evans (Oct 06)
- RE: (illegal?) Informing Companies about security vulnerabilities... Arian J. Evans (Oct 05)
- RE: Informing Companies about security vulnerabilities... Levenglick, Jeff (Oct 05)
- Re: RE: Informing Companies about security vulnerabilities... none (Oct 05)
- RE: RE: Informing Companies about security vulnerabilities... Levenglick, Jeff (Oct 05)
- RE: Informing Companies about security vulnerabilities... mr . nasty (Oct 05)
- RE: Informing Companies about security vulnerabilities... Arian J. Evans (Oct 06)
- Re: RE: RE: Informing Companies about security vulnerabilities... none (Oct 05)
- Re[4]: Informing Companies about security vulnerabilities... Matthew Leeds (Oct 06)
- Re: RE: Informing Companies about security vulnerabilities... stillnone (Oct 05)
- RE: Informing Companies about security vulnerabilities... Craig Wright (Oct 05)
- Re: Informing Companies about security vulnerabilities... Art Cooper (Oct 06)
- RE: Informing Companies about security vulnerabilities... Arian J. Evans (Oct 06)
- RE: Informing Companies about security vulnerabilities... Craig Wright (Oct 06)
- RE: Informing Companies about security vulnerabilities... jason (Oct 06)
- RE: Informing Companies about security vulnerabilities... Craig Wright (Oct 06)
- Informing Companies about security vulnerabilities... Erin Carroll (Oct 06)
- Re: RE: Informing Companies about security vulnerabilities... v0083mw02 (Oct 06)
- Informing Companies about security vulnerabilities... me (Oct 06)
- RE: Informing Companies about security vulnerabilities... Michael Scheidell (Oct 09)