Re: [Full-Disclosure] (no subject)
From: <Valdis.Kletnieks@vt.edu>
Date: Fri Dec 05 2003 - 20:42:32 CST
Received on Fri Dec 05 21:22:18 2003
Date: Fri Dec 05 2003 - 20:42:32 CST
On Sat, 06 Dec 2003 11:00:35 +1300, Nick FitzGerald <nick@virus-l.demon.co.uk> said:
> Indeed -- this is a classic exploit of a classic case of several
> _really, really BAD_ design decisions.
Mea culpa. Ignore my previous posting.
I thought you were flaming the guys at visa.com, when most of the blame goes to
the crackheads who desighed the HTTP URI format and the crackheads at MS who
implemented it. ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
This archive was generated by hypermail 2.1.8 : Fri Dec 05 2003 - 22:01:00 CST
Custom Search
