On May 19, 2009, at 9:23 PM, Steve McMahon wrote:
The paper mentions Plone, but all they found is that Plone rejects the
bad input but "Since this error generates
~100 lines in the log file, it may be used to obfuscate other
attacks." I found no serious vulnerability claim.
How odd. Just did
On 20.05.09 06:23, Steve McMahon wrote:
> The paper mentions Plone, but all they found is that Plone rejects the
> bad input but "Since this error generates
> ~100 lines in the log file, it may be used to obfuscate other
> attacks." I found no serious vulnerability claim.
Thanks Steve for cross-ch
The paper mentions Plone, but all they found is that Plone rejects the
bad input but "Since this error generates
~100 lines in the log file, it may be used to obfuscate other
attacks." I found no serious vulnerability claim.
On Tue, May 19, 2009 at 8:59 PM, Jon Stahl wrote:
> Andreas Jung wrote:
Andreas Jung wrote:
Hi there,
just read this article (in German) about a new attack pattern called
HTTP parameter polution and they mention Plone:
http://www.linux-community.de/Internal/Nachrichten/Webanwendungen-mit-HTTP-Parameter-Pollution-angreifen
Anyone heard of this?
http://seclists
Hi there,
just read this article (in German) about a new attack pattern called
HTTP parameter polution and they mention Plone:
http://www.linux-community.de/Internal/Nachrichten/Webanwendungen-mit-HTTP-Parameter-Pollution-angreifen
Anyone heard of this?
Andreas
begin:vcard
fn:Andreas Jung
n:Jun