Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Marc Matteo (marcmlectroid.net)
Date: Mon Mar 25 2002 - 15:57:53 CST
On Mon, 25 Mar 2002, Panayiotis A. Thermos wrote:
> So if you can access another object or resource on a server through an
> application's interface
> by manipulating the reference points of a function, it will be categorized
> as Application Implementation vulnerability.
Like a buffer overflow.
> If the the object is accessed based on the use of different credentials
> (certificates/ user id's etc.), then
> it will fall under the misconfiguration category.
So a world readable /etc/passwd file that can be read is a
> I hope this helps.
Not that it matters, David made what he's afetr clear enough :).