[4099] in WWW Security List Archive
Re: Front-Page extensions?
daemon@ATHENA.MIT.EDU (bracha@eye-on.co.il)
Sun Jan 26 14:53:48 1997
From: bracha@eye-on.co.il
Date: Sun, 26 Jan 1997 20:03:02 +0200
To: Leonid S Knyshov <wiseleo@juno.com>
CC: adam@homeport.org, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Leonid S Knyshov wrote:
>
> >No, we must filter to only allow those characters we know are safe,
> >otherwise most people will make the etc set too small, and allow
> >attacks.
> >
> >That which is not explicitly permitted is denied.
> >
> >Adam
> >
> Thanks for correcting me, sorry for confusion :)
>
> Too many server admins unfortunately don't know that...
>
> It is estimated 80+ % of web servers are vulnerable nowdays, the entire
> world needs to be educated :(
>
> Leo.
Take me off this dumb list!!!!!Take me off this dumb list!!!!!Take me
off this dumb list!!!!!Take me off this dumb list!!!!!Take me off this
dumb list!!!!!
