Network Security Archives

December 31, 2005

A couple Application Security Predictions For The Year 2006, bugtraq, 22:10

December 30, 2005

Re: Mambo, Coppermine and PHPBB Attacks, Andrew van der Stock, 01:30
Re: Mambo, Coppermine and PHPBB Attacks, ascii, 01:00
Black Hat Federal and Europe Call for Papers, Jeff Moss, 00:09

December 29, 2005

Re: PCI DSS Compliance, Pete Herzog, 23:59
Re: Mambo, Coppermine and PHPBB Attacks, Yasuo Ohgaki, 23:59
RE: PCI DSS Compliance, Lyal Collins, 23:59

December 27, 2005

RE: [Full-disclosure] Looking Security Cheklisters?, Krpata, Tyler, 12:46

December 26, 2005

Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski, 00:50

December 25, 2005

Re: Mambo, Coppermine and PHPBB Attacks, Yasuo Ohgaki, 21:19

December 24, 2005

Re: Mambo, Coppermine and PHPBB Attacks, Yasuo Ohgaki, 20:09
Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski, 19:49
[Full-disclosure] Looking Security Cheklisters?, Mark Sec, 08:15

December 23, 2005

Reform 0.9 -- Encoding libraries, Michael Eddington, 16:38
RE: Rules on security issues for static code analizers of Java, Kline,Nathan C - JDI, 00:41

December 22, 2005

RE: New OWASP project - PCI Web Security Standards, MollM, 21:10
Re: PCI DSS Compliance, Roberto Tanara, 21:00
RE: Rules on security issues for static code analizers of Java, Burke, Charles, 20:50
httprint version 301, Saumil Shah, 20:50
Re: Mambo, Coppermine and PHPBB Attacks, Jack Tennessee, 20:50
Re: New OWASP project - PCI Web Security Standards, Jean-Jacques Halans, 20:40
Re: New OWASP project - PCI Web Security Standards, Eoin, 20:40
RE: PCI DSS Compliance, Craig Wright, 05:41
RE: New OWASP project - PCI Web Security Standards, Lyal Collins, 05:11
RE: PCI DSS Compliance, Lyal Collins, 05:11

December 21, 2005

Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski, 22:48
RE: New OWASP project - PCI Web Security Standards, Ahmed Shahzad, 22:18
Re: PCI DSS Compliance, Roberto Tanara, 21:48
RE: New OWASP project - PCI Web Security Standards, Justin Derry, 21:38

December 20, 2005

Re: Rules on security issues for static code analizers of Java, Justin Clarke, 21:53
Re: Tool for source code review, Adam Shostack, 20:22
RE: New OWASP project - PCI Web Security Standards, Lyal Collins, 20:12
RE: PCI DSS Compliance, Lyal Collins, 20:12
Re: Mambo, Coppermine and PHPBB Attacks, Tofik Suleymanov, 20:02
Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski, 16:20
New OWASP project - PCI Web Security Standards, mike . owasp, 15:39
Rules on security issues for static code analizers of Java, Juan C Calderon, 15:29
Hackers Break Into Computer-Security Firm's Customer Database, bugtraq, 13:58
RE: Tool for source code review, Ambarish Malpani, 13:58
Re: [WEB SECURITY] Tomcat Banner, Achim Hoffmann, 13:48
Fwd: SF new article announcement: OpenSSH cutting edge, Andrew van der Stock, 13:38
Vulnerabilties of any Messenger, Pratiksha Doshi, 13:38
RE: PCI DSS Compliance, Craig Wright, 13:38
RE: Tool for source code review, Carl Davis, 13:27
Re: PCI DSS Compliance, Pete Herzog, 13:27

December 19, 2005

Tool for source code review, Pratiksha Doshi, 10:44
RE: Mambo, Coppermine and PHPBB Attacks, John Cobb, 10:44
RE: PCI DSS Compliance, Craig Wright, 07:12
Re: PCI DSS Compliance, Pete Herzog, 04:49
Mambo, Coppermine and PHPBB Attacks, Mark Ryan del Moral Talabis, 04:29
Re: Security of magic_quotes_gpc under PHP against SQL injection, Stefano Di Paola, 02:38
RE: PCI DSS Compliance, Craig Wright, 02:38
Re: PCI DSS Compliance, null0, 02:28
Re: PCI DSS Compliance, Pete Herzog, 02:28

December 16, 2005

RE: PCI DSS Compliance, Syed Mohamed A, 21:25
RE: SPAM-LOW: New(?) web app sec scanner: NTOSpider, Tommy, 21:15
RE: Modifing non-persistent cookies, Matt Fisher, 20:15
RE: PCI DSS Compliance, Steven Jones, 16:03
Re: PCI DSS Compliance, Peter Watkins, 15:32
RE: PCI DSS Compliance, Craig Wright, 15:12
RE: PCI DSS Compliance, Lyal Collins, 14:41
RE: PCI DSS Compliance, Michael Johnson, 14:10
Re: PCI DSS Compliance, Roy Britten, 13:38
New(?) web app sec scanner: NTOSpider, Peine,Holger, 12:56
RE: PCI DSS Compliance, Lyal Collins, 10:04
W3C Addressing Web Security, Derek, 04:12

December 15, 2005

Re: PCI DSS Compliance, Ademar Gonzalez, 22:49
RE: PCI DSS Compliance, Steve Kerns, 11:43
Re: PCI DSS Compliance, Richard Moore, 07:31
RE: PCI DSS Compliance, Sebastien Deleersnyder, 05:30

December 14, 2005

PCI DSS Compliance, Ademar Gonzalez, 19:14

December 13, 2005

RE: Security training of developers and company liability, Wall, Kevin, 12:35

December 12, 2005

Fwd: SF new column announcement: Users inundated with pop-ups, by Scott Granneman, Andrew van der Stock, 23:39
RE: Security training of developers and company liability, James Strassburg, 21:57
Re: Security of magic_quotes_gpc under PHP against SQL injection, ascii, 21:36
RE: Security training of developers and company liability, Harley David, 11:19
Re: Security of magic_quotes_gpc under PHP against SQL injection, Peter Conrad, 07:27
Re: Modifing non-persistent cookies, Rogan Dawes, 04:06
Re: Modifing non-persistent cookies, Dean H. Saxe, 00:14

December 11, 2005

Re: Modifing non-persistent cookies, David Hogue, 22:13
RE: Modifing non-persistent cookies, Luke Fraser, 22:03
Re: Modifing non-persistent cookies, Andres Riancho, 21:53
Re: Security of magic_quotes_gpc under PHP against SQL injection, Steve Slater, 20:53
Modifing non-persistent cookies, Jason binger, 20:43
Re: [Full-disclosure] Fuzzing testing webapp?, Thierry Zoller, 14:10
[Full-disclosure] Fuzzing testing webapp?, Mark Sec, 13:50
Security of magic_quotes_gpc under PHP against SQL injection, Todd Hendricks, 04:15

December 10, 2005

Forced invalid SQL errors, Steven M. Christey, 22:23

December 09, 2005

Re: Security training of developers and company liability, Daniel, 13:19
RE: Security training of developers and company liability, Jeff Robertson, 00:12

December 08, 2005

Re: Security training of developers and company liability, Daniel, 21:59
RE: Security training of developers and company liability, James Strassburg, 21:59
RE: Security training of developers and company liability, Jason Gregson, 21:48
RE: Security training of developers and company liability, Clement Dupuis, 21:38
RE: Security training of developers and company liability, Clement Dupuis, 21:38
RE: Security training of developers and company liability, Brokken, Allen P., 21:38
RE: Security training of developers and company liability, Lyal Collins, 09:52
Re: Security training of developers and company liability, Stephen de Vries, 09:41
RE: Security training of developers and company liability, Griffiths, Ian, 09:41
New SF Article Announcement: Trusting software, Andrew van der Stock, 01:58

December 07, 2005

Security training of developers and company liability, James Strassburg, 23:16
Re: RE: Re: about oracle sql injection, limor188, 12:46
RE: RE: Re: about oracle sql injection, LAROUCHE Francois, 12:36

December 06, 2005

Re: Encrypting Cached data, Georgi Alexandrov, 21:17
Re: Encrypting Cached data, Yousef Syed, 21:17
RE: Re: about oracle sql injection, LAROUCHE Francois, 08:41
Re: Oracle External Users, bug, 06:50
RE: Oracle External Users, Amichai Shulman, 06:20

December 05, 2005

RE: Encrypting Cached data, Hudel, Chris, 20:25
Re: Re: about oracle sql injection, limor188, 10:47
Re: SF new article announcement: Evading NIDS, revisited (pen-test), Jason, 10:47
Oracle External Users, Damien Lewis, 10:47
Re: Encrypting Cached data, Georgi Alexandrov, 10:37

December 04, 2005

Re: Apache mode_security, Stefano Di Paola, 20:01
Re: Re: SOA / Web Services security, native, 19:50

December 03, 2005

Re: about oracle sql injection, Javier Fernandez-Sanguino, 04:54
Re: [WEB SECURITY] How to Prevent XSS evasion attack ?, RSnake, 00:42

December 02, 2005

SF new article announcement: Evading NIDS, revisited (pen-test), Andrew van der Stock, 18:25
Re: Encrypting Cached data, Olaf Reitmaier, 15:34
Administrivia: Out of office replies, faulty configuration and software, Andrew van der Stock, 04:49
RE: Encrypting Cached data, Ig Vermaak, 04:39
RE: about oracle sql injection, LAROUCHE Francois, 03:08
Re: about oracle sql injection, Richard Moore, 02:07
Encrypting Cached data, Yousef Syed, 01:57

December 01, 2005

Re: about oracle sql injection, Javier Fernandez-Sanguino, 12:09
RE: ODBC Injection, Auri Rahimzadeh, 12:09
RE: ODBC Injection, LAROUCHE Francois, 07:06
"RSS Is Worm Bot's Next Target", zeno, 06:36