Re: [Full-disclosure] Google Sacure (A. Jodoin)
- From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
- Date: Fri, 26 Oct 2007 20:14:16 +0300 (EEST)
When typing these words _shipp_ing and script_ing_ these keys aren't even near each other on the keyboard... :)
- Juha-Matti
alexandre jodoin <jodoin_alexandre@xxxxxxxxxxx> wrote:
How can security companies protect us if they can't even configure their *** right?
More on that :
From their "Pen Test Whitepaper" on http://www.sacure.com/index.php"The Web-based authentication is exploited by using XSS (cross-site shipping) or SLQ injection or MITM (Man-in-the-Middle) attacks."
WTF is cross-site shipping ???
:)
_________________________________________________________________
Are you ready for Windows Live Messenger Beta 8.5 ? Get the latest for free today!
http://entertainment.sympatico.msn.ca/WindowsLiveMessenger
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] TCP Hijacking (aka Man-in-the-Middle)
- Next by Date: [Full-disclosure] RealPlayer vuln - versions affected?
- Previous by thread: Re: [Full-disclosure] Google Sacure (A. Jodoin)
- Next by thread: Re: [Full-disclosure] Google Sacure (A. Jodoin)
- Index(es):
