Myth or reality? This paper at imperva.com shows how relatively simple techniques can be used to automatically find and attack vulnerable application servers. Looks plausible enough to me.
You’ve been warned: use a serious framework for your next project ;-)
Like this:
LikeLoading...
Related
This entry was posted on Wednesday, March 31st, 2004 at 8:00 am and is filed under The Web. You can follow any responses to this entry through the RSS 2.0 feed.
Both comments and pings are currently closed.
Well, even if Cocoon doesn’t have some of the wide-open holes that some systems have, protecting from SQL injection is not built into the framework and requires careful inspection of direct transmission of request parameters to SQL queries…
Anyway, thanks for the pointers, this is an interesting read!
cat myself | sort | head -2
Bertrand Delacrétaz here - my "résumé" will tell you more.
The opinions expressed here are my own, I'm not representing any group or company on this blog. YMMV.
We need to find a name for a +1 above a large top-quoted block of text in email. "I agree with everything, or maybe… twitter.com/i/web/status/1…3 days ago
@evernote Your poll is missing a "no, not at all, keep it simple" option. 3 days ago
RT @clementplop: The slide deck is nice, but the slide 32 is just awesome. If you are interested by #serverless, look at the full deck. #s… 5 days ago
I like Introspected REST's idea of providing hypermedia in parallel with content. Its MicroTypes also map well to X… twitter.com/i/web/status/1…1 week ago
RT @AdobeIO: "Because it’s the right thing to do, it’s the smart thing to do, and it’s the rewarding thing to do." @mjasay explains how, an… 1 week ago
Well, even if Cocoon doesn’t have some of the wide-open holes that some systems have, protecting from SQL injection is not built into the framework and requires careful inspection of direct transmission of request parameters to SQL queries…
Anyway, thanks for the pointers, this is an interesting read!