[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: Re: CGI insecurities
From: john <john () RM-R ! NET>
Date: 2000-01-27 15:38:12
[Download RAW message or body]
I would agree that stripping is not the right approach
Useful CERT advisory on "keeping the good stuff" with examples
http://www.cert.org/advisories/CA-97.25.CGI_metachar.html
> lots of situations. You're taking the much better approach of only
> keeping the good stuff. However, what to keep depends on what the data
> is.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic