For notice for your security important for consultants too: Advisory 11/2004 PHP memory_limit remote vulnerability http://security.e-matters.de/advisories/112004.html
Advisory 12/2004 PHP strip_tags() bypass vulnerability http://security.e-matters.de/advisories/122004.html apache bug You can trigger it with CAN-2004-0493 apache dos. Further reading: [1] Evolution of Cross-Site Scripting Attacks http://www.idefense.com/XSS.html [2] Brute-Force Exploitation of Web Application Session IDs http://www.idefense.com/idpapers/SessionIDs.pdf [3] XSS-FAQ http://www.cgisecurity.com/articles/xss-faq.txt [4] About Cross-Frame Scripting and Security http://msdn.microsoft.com/library/default.asp?url=/workshop/author/om/xframe_scripting_security.asp -- Mit freundlichen Grüssen Wilfried Goedert mailto:[EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Care2002-developers mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/care2002-developers
