Vulnerability Development mailing list archives
RE: ASP Security
From: "Mark Curphey" <mark () curphey com>
Date: Sun, 27 Jan 2002 19:18:45 -0800
Its http://www.owasp.org (not .com) -----Original Message----- From: Gaziel, Avishay [mailto:agaziel () kpmg com] Sent: Sunday, January 27, 2002 8:57 AM To: 'ishaybas () netvision net il' Cc: 'vuln-dev () securityfocus com' Subject: RE: ASP Security Hi Ishay Security issues regarding .asp codes is only a small part of a security issue called "Unexpected Input". Briefly, what you are looking for is articles about "sql injection" which is a method of injecting your own sql statement to a statement built using the .asp you can find a good starting point @: www.sqlsecurity.com www.owasp.com Avishay -----Original Message----- From: ishaybas () netvision net il [mailto:ishaybas () netvision net il] Sent: ג 22 ינואר 2002 18:34 To: vuln-dev () securityfocus com Subject: ASP Security Hello, I am doing a vulnerability development on a product which uses some .ASP pages, and I am looking for some papers regarding security issues of ASP code. Anyone? Thanks. --- Time is short. I am short. Therefore I am time. Ishay Sommer **************************************************************************** * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. **************************************************************************** *
Current thread:
- ASP Security ishaybas (Jan 22)
- <Possible follow-ups>
- RE: ASP Security Gaziel, Avishay (Jan 27)
- RE: ASP Security Mark Curphey (Jan 27)