|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Simos Xenitellis (simos74_at_GMX.NET)
Date: Thu Aug 08 2002 - 15:46:10 CDT
Dear Russ,
The issue of vulnerabilities in event-driven systems has been mentioned
last month (7th July 2002) in the vuln-dev mailling list at
http://online.securityfocus.com/archive/82/280912/2002-07-04/2002-07-10/0 In that e-mail, the page http://www.isg.rhul.ac.uk/~simos/event_demo/
demonstrated the issue of event-driven vulnerabilities.
As part of my studies (http://www.isg.rhul.ac.uk/~simos/) I examined
security issues in event-driven systems and the results have been
published in two (academic) papers in May and July, found at
1. http://www.isg.rhul.ac.uk/~simos/pub/SecurityVulnerabilitiesInEvent-drivenSystems.pdf
2. http://www.isg.rhul.ac.uk/~simos/pub/ANewAvenueOfAttack-revised.pdf
I am not quite sure if Chris Paget had seen the demonstration
page mentioned above. If he had consulted that page while writing his
tutorial, then he should had made a reference. It would look strange if
he didn't, since searching on Google for "event-driven vulnerabilities"
reveals the demonstration page above.
Thanks for your time,
Simos Xenitellis
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]