WebApp Sec mailing list archives

RE: HTTP Header and POST Data Exploitation

From: "Indian Tiger" <indiantiger () mailandnews com>
Date: Thu, 9 Jan 2003 17:13:06 +0530

Hi Rahul,

Try this
http://www.cgisecurity.com/lib/bill/William_Bellamy_GCIH.html#EXPLOITDETAILS


Sincerely,

Indian Tiger, CISSP

-----Original Message-----
From: Rahul Chander Kashyap [mailto:rahul () nsecure net]
Sent: Saturday, February 08, 2003 2:46 PM
To: webappsec () securityfocus com
Subject: HTTP Header and POST Data Exploitation

Hi,
I'm writing a security module for iis webservers and just wanted
to know if
anyone has some info/links on how HTTP Headers could be exploited and also
are there any exploits/exploit signatures for the POST Data?

Thanks!
Regards,
Rahul Kashyap

Current thread:

RE: Prevent security bypass, (continued)
- - - RE: Prevent security bypass Adam (Feb 06)
    - RE: Prevent security bypass Larry Seltzer (Feb 06)
    - Re: Prevent security bypass Chris Travers (Feb 06)
- Re: Prevent security bypass Ulrich P. (Feb 05)
  - Re: Prevent security bypass Chris Travers (Feb 04)
  - Re: Prevent security bypass c3rb3r (Feb 04)
  - Re: Prevent security bypass Adrian Wiesmann (Feb 04)
- Re: Prevent security bypass sunzi (Feb 07)
  - Re: Prevent security bypass Ernie Nelson (Feb 07)
    - HTTP Header and POST Data Exploitation Rahul Chander Kashyap (Feb 08)
    - RE: HTTP Header and POST Data Exploitation Indian Tiger (Feb 09)
- Re: Prevent security bypass Ken Rachynski (Feb 04)
- RE: Prevent security bypass David Cameron (Feb 04)
  - RE: Prevent security bypass Vinny Bedus (Feb 05)
    - Re: Prevent security bypass Chris Travers (Feb 05)
- RE: Prevent security bypass Logan F.D. Greenlee (Feb 05)
- RE: Prevent security bypass Kim Christiansen (Feb 05)
- RE: Prevent security bypass Mark Mcdonald (Feb 05)
  - Re[2]: Prevent security bypass M. Austin Hill (Feb 05)
  - RE: Prevent security bypass TUER, DON (Feb 06)
    - Re: Prevent security bypass Alex Russell (Feb 06)

(Thread continues...)