[Full-disclosure] Google Sacure (A. Jodoin)
alexandre jodoin
jodoin_alexandre at hotmail.com
Fri Oct 26 15:01:15 BST 2007
>> How can security companies protect us if they can't even configure their shit right?
More on that :
>From their "Pen Test Whitepaper" on http://www.sacure.com/index.php
"The Web-based authentication is exploited by using XSS (cross-site shipping) or SLQ injection or MITM (Man-in-the-Middle) attacks."
WTF is cross-site shipping ???
:)
_________________________________________________________________
Are you ready for Windows Live Messenger Beta 8.5 ? Get the latest for free today!
http://entertainment.sympatico.msn.ca/WindowsLiveMessenger
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20071026/41cece2d/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.