Web Application Security (thread)

Final Announcement: 6th OWASP AppSec Conference - May 15-17 2007 - Milan, Italy, Dave Wichers, 2007/04/27
IE 7 and Firefox Browsers Digest Authentication Request Splitting, Stefano Di Paola, 2007/04/25
Re: [Webappsec] script inside .txt file, Josh Zlatin-Amishav, 2007/04/25
- Re: [Webappsec] script inside .txt file, Stefano Di Paola, 2007/04/25
[Full-disclosure] Anti-Virus vendors prove less-effective, David Kierznowski, 2007/04/24
- Re: [Full-disclosure] Anti-Virus vendors prove less-effective, James Matthews, 2007/04/24
  - Re: [Full-disclosure] Anti-Virus vendors prove less-effective, Nick FitzGerald, 2007/04/25
  - Re: [Full-disclosure] Anti-Virus vendors prove less-effective, David Kierznowski, 2007/04/26
WASC-Articles: 'The business case for security frameworks', announcements, 2007/04/23
Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein, 2007/04/20
- Message not available
  - Message not available
    - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein, 2007/04/20
- Message not available
  - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein, 2007/04/20
    - Message not available
    - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein, 2007/04/20
Re: [Webappsec] Tacking A Difficult Problem - Solutions, Amit Klein, 2007/04/20
- Re: [Webappsec] Tacking A Difficult Problem - Solutions, Amit Klein, 2007/04/20
Yet another SQL injection framework, Guillermo Marro, 2007/04/19
- Re: Yet another SQL injection framework (file corruption), Guillermo Marro, 2007/04/20
SensePost Aura - aka Solving the Google API Key Problem.., Haroon Meer, 2007/04/19
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks, Praburaajan, 2007/04/18
WASC-Articles: 'The Importance of Application Classification in Secure Application Development', contact, 2007/04/17
HTTP Secure Cookie Directive setting, kapil assudani, 2007/04/06
Username enumeration vulnerabilities, Adrian Pastor, 2007/04/05
[Full-disclosure] Microsoft .NET request filtering bypass vulnerability (BID 20753), Adrian Pastor, 2007/04/05
IIS 5 cookie encryption password, Serguey Forcade, 2007/04/04
- Message not available
  - Re: IIS 5 cookie encryption password, Serguey Forcade, 2007/04/05
    - Re: IIS 5 cookie encryption password, Santiago Barahona, 2007/04/10
    - Re: IIS 5 cookie encryption password, Santiago Barahona, 2007/04/10
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007, rd, 2007/04/04
Source code review tools for ColdFusion, Darren Bounds, 2007/04/04
- Re: Source code review tools for ColdFusion, Dean H. Saxe, 2007/04/04
  - Re: Source code review tools for ColdFusion, Darren Bounds, 2007/04/04
Wikto and Google API key problem, cgi phantom, 2007/04/04
- RE: Wikto and Google API key problem, Kunle Adetoro, 2007/04/04
  - Re: Wikto and Google API key problem, Haroon Meer, 2007/04/04
- RE: Wikto and Google API key problem, jay.tomas, 2007/04/04
Getting WISKTO v1.63.2279.18538 working correctly !, cgi phantom, 2007/04/04
[Full-disclosure] Fuzzled - Perl fuzzing framework, Tim Brown, 2007/04/04
- Re: [Full-disclosure] [fuzzing] Fuzzled - Perl fuzzing framework, Jared DeMott, 2007/04/04
ASP.NET default input validation, Mark K. Murdock, 2007/04/04
- Re: ASP.NET default input validation, pagvac, 2007/04/05
Announcing: 6th OWASP AppSec Conference - May 15-17 2007 - Milan, Italy, Dave Wichers, 2007/04/04
Black Hat USA CFP Now Open!, Jeff Moss, 2007/04/04
HITBSecConf2007 - Malaysia: Call for Papers now Open, Praburaajan, 2007/04/04
White List Proxy ?, McCarty, Eric C., 2007/04/04
- Re: White List Proxy ?, Larry C CUMMINGS, 2007/04/04
- RE: White List Proxy ?, Paul Melson, 2007/04/04
[Full-disclosure] Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day, SaMuschie, 2007/04/04
- Re: Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day, MC Iglo, 2007/04/04
D2K Security Code Auditing, alfredhitchcock_007, 2007/04/04
[Full-disclosure] Serendipity unauthenticated SQL-Injection, SaMuschie, 2007/04/04
ModSecurity: Cool Rules Project, Ryan Barnett, 2007/04/04
NTLM Authenthication,, IRM, 2007/04/04
- RE: NTLM Authenthication,, McCarty, Eric C., 2007/04/04
  - RE: NTLM Authenthication,, Shaon Diwakar, 2007/04/04
- Re: NTLM Authenthication,, Amit Klein, 2007/04/04
Web form brute force with THC-Hydra... bug?, Danett song, 2007/04/04
WordPress Search Function SQL-Injection, SaMuschie, 2007/04/04
- Re: WordPress Search Function SQL-Injection, Justin Frydman - Thinkweb Media, 2007/04/04
  - Re: [Full-disclosure] WordPress Search Function SQL-Injection, ascii, 2007/04/04
    - Re: [Full-disclosure] WordPress Search Function SQL-Injection, Biomech, 2007/04/04
[Full-disclosure] Nullsoft ShoutcastServer Persistant XSS - 0day, SaMuschie, 2007/04/04
[Full-disclosure] WordPress AdminPanel CSRF/XSS - 0day, SaMuschie, 2007/04/04
Paper announcement: Know Your Enemy: Web Application Threats, Jamie Riden, 2007/04/04
SQL Injection and XSS testing,, IRM, 2007/04/04
- RE: SQL Injection and XSS testing,, WebAppSec, 2007/04/04
- Re: SQL Injection and XSS testing,, Josh Zlatin-Amishav, 2007/04/04
- Re: SQL Injection and XSS testing,, Jason Ross, 2007/04/04
- Re: SQL Injection and XSS testing,, Matteo Meucci, 2007/04/04
- Re: SQL Injection and XSS testing,, crazy frog crazy frog, 2007/04/04
- RE: SQL Injection and XSS testing,, James Ash, 2007/04/04
- Re: SQL Injection and XSS testing,, eugk . 46247649, 2007/04/04
- Re: SQL Injection and XSS testing,, Henry Troup, 2007/04/04
Overtaking Google Desktop, Yair Amit, 2007/04/04
Re: Universal PDF XSS Remediation (Fix), Tim Brown, 2007/04/04