Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Sverre H. Huseby (shhthathost.com)
Date: Wed Jun 19 2002 - 16:07:20 CDT
We are starting to be good at identifying, classifying and speculating
in web application vulnerabilities and possible attacks. For
marketing purposes (I'm such a looser!) it would be nice to have a
list of actual exploits: Real-life examples of vulnerabilities in
real-life web applications that has actually been exploited.
What I most often see is press that demonstrate that a hole is present
in eg. a bank or a shop, but I seldom see articles about bad guys
actually gaining something (other than publicity) from the holes.
If some of you know about any real-life (I'm getting tired of
repeating that phrase) web application attacks, that is: not attacks
on off-the-shelf OSes, web servers and other software, but on custom
made web applications, please E-mail me the details. I'll happily
compile a list and post it here later on.
-- shhthathost.com Computer Geek? Try my Nerd Quiz http://shh.thathost.com/ http://nerdquiz.thathost.com/