accept no compromises

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

022805.txt: Posted Mar 1, 2005; Authored by Amit Klein | Site webappsec.org; This paper describes several techniques for exposing file contents using the site search functionality. It is assumed that a site contains documents which are not visible/accessible to external users. Such documents are typically future PR items, or future security advisories, uploaded to the website beforehand. However, the site is also searchable via an internal search facility, which does have access to those documents, and as such, they are indexed by it not via web crawling, but rather, via direct access to the files. Therein lies the security breach.; tags | paper, web; MD5 | 87eb98b564a55d22d12c7b83e9641965; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Heine Pedersen 29 files
Torben Jensen 29 files
Red Hat 25 files
Debian 24 files
Ubuntu 24 files
Mandriva 15 files
sinn3r 12 files
the_cyber_nuxbie 11 files
L3b-r1'z 10 files
Am!r 9 files

Recent News

Top 10 Android Mobile Security Apps: Posted May 25, 2012; tags | headline, phone, google; Link | Favorite | Comments (0)

US Mayor And Son Charged With Hacking Into Opposition Site: Posted May 25, 2012; tags | headline, hacker, government; Link | Favorite | Comments (0)

New SpyEye Plugin Takes Control Of Webcam And Microphone: Posted May 24, 2012; tags | headline, privacy, malware, trojan, botnet; Link | Favorite | Comments (0)

Attack Of The Clones: Researcher Pwns SecureID Token System: Posted May 24, 2012; tags | headline, hacker, flaw, science, rsa; Link | Favorite | Comments (0)

Yahoo! Leaks! Private! Key! In! Axis! Chrome! Debut!: Posted May 24, 2012; tags | headline, flaw, yahoo, cryptography; Link | Favorite | Comments (0)

Comcast Phishing Site Contains Valid TRUSTe Seal: Posted May 24, 2012; tags | headline, cybercrime, flaw, scam, phish; Link | Favorite | Comments (0)

Armenia Jails Bredolab Botmaster For 4 Years: Posted May 24, 2012; tags | headline, government, cybercrime, botnet, fraud; Link | Favorite | Comments (0)

Police Given 350 Mobile Fingerprint Scanners For Olympics: Posted May 24, 2012; tags | headline, government, privacy, britain; Link | Favorite | Comments (0)

Researcher Needles Oracle Over Java Security: Posted May 24, 2012; tags | headline, flaw, oracle, java; Link | Favorite | Comments (0)

35,000 Passwords Reset After BigPond GameArena Hacked: Posted May 24, 2012; tags | headline, hacker, data loss, password; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List