[4116] in WWW Security List Archive
Re: Front-Page extensions?
daemon@ATHENA.MIT.EDU (avital@netvision.net.il)
Mon Jan 27 03:49:51 1997
From: avital@netvision.net.il
To: bracha@eye-on.co.il
Date: Mon, 27 Jan 1997 09:10:03 +0000
CC: adam@homeport.org, www-security@ns2.rutgers.edu
In-reply-to: <32EB9C56.1A3F@eye-on.co.il>
Errors-To: owner-www-security@ns2.rutgers.edu
> From: bracha@eye-on.co.il
> Date: Sun, 26 Jan 1997 20:03:02 +0200
> To: Leonid S Knyshov <wiseleo@juno.com>
> Cc: adam@homeport.org, www-security@ns2.rutgers.edu
> Subject: Re: Front-Page extensions?
> Leonid S Knyshov wrote:
> >
> > >No, we must filter to only allow those characters we know are safe,
> > >otherwise most people will make the etc set too small, and allow
> > >attacks.
> > >
> > >That which is not explicitly permitted is denied.
> > >
> > >Adam
> > >
> > Thanks for correcting me, sorry for confusion :)
> >
> > Too many server admins unfortunately don't know that...
> >
> > It is estimated 80+ % of web servers are vulnerable nowdays, the entire
> > world needs to be educated :(
> >
> > Leo.
> Take me off this dumb list!!!!!Take me off this dumb list!!!!!Take me
> off this dumb list!!!!!Take me off this dumb list!!!!!Take me off this
> dumb list!!!!!
>
>
________________________________________
Name: Gady Shlasky
President & CEO
E-mail: gady@micromacro.com
Office:
Micro Macro Technologies
PO Box 11516, Shikma 3 Azur 58001, Israel
Phon: 972-3-5582345, 972-50-345289
Fax: 972-3-5582344
Home:
PO Box 1105, Kochav Yaeir 44864, Israel
Tel: 972-9-7494694
Date: 12/04/95
Time: 08:32:04
________________________________________
