[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Exploiting an online store

To: Josh perrymon <perrymonj@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Exploiting an online store
From: Gadi Evron <ge@xxxxxxxxxxxx>
Date: Thu, 15 Sep 2005 03:29:25 +0200

Josh perrymon wrote:

I was reading an article about an attacker that could have changed a
price in an online shopping cart-

Check the date of the article. That company no longer exists and SQL injections are not THAT big of an issue for established eCommerce sites as they were in 1999.

Web security is still a major issue, but this article is nothing but FUD in 2005.

Eran Reshef is now CEO of the infamous Blue Security.

        Gadi.

--
Available for consulting:
+972-50-5428610 / ge@xxxxxxxxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Exploiting an online store
  - From: Valdis . Kletnieks

References:
- [Full-disclosure] Exploiting an online store
  - From: Josh perrymon

Prev by Date: Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness
Next by Date: RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox
Previous by thread: [Full-disclosure] Exploiting an online store
Next by thread: Re: [Full-disclosure] Exploiting an online store
Index(es):
- Date
- Thread