| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.64.0707240936180.18564@wotan.suse.de> Date: Tue, 24 Jul 2007 09:40:18 +0200 (CEST) From: Sebastian Krahmer <krahmer@...e.de> To: Deeþàn Chakravarthÿ <codeshepherd@...il.com> Cc: full-disclosure@...ts.grok.org.uk, websecurity@...appsec.org Subject: Re: Am I missing anything ? On Tue, 24 Jul 2007, Deeþàn Chakravarthÿ wrote: Hi, Yes. Do not forget to mention that Security 2.0 is only half of the truth. Folks tends to buy protections against any kind of Cross Brain Smashing (CBS) or Anti-Anti-Anti Think Pinning (AAATP) and used to let their X and telnet servers open. l8er, Sebastian > Hi All, > Just wondered if I am missing anything important. Am planning to give > talk on web security. > Is there any other technique other than the following I have to speak > about ? > > 1)XSS > 2)CSRF > 3)SQL Injection > 4)AJAX/JSON hijacking > 5)HTTP response splitting > 6)RFI > 7)CRLF > 8)MITM > > Thanks > Deepan > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team ~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists