Its http://www.owasp.org (not .com) -----Original Message----- From: Gaziel, Avishay [mailto:agazielat_private] Sent: Sunday, January 27, 2002 8:57 AM To: 'ishaybasat_private' Cc: 'vuln-devat_private' Subject: RE: ASP Security Hi Ishay Security issues regarding .asp codes is only a small part of a security issue called "Unexpected Input". Briefly, what you are looking for is articles about "sql injection" which is a method of injecting your own sql statement to a statement built using the .asp you can find a good starting point @: www.sqlsecurity.com www.owasp.com Avishay -----Original Message----- From: ishaybasat_private [mailto:ishaybasat_private] Sent: þâ 22 éðåàø 2002 18:34þ To: vuln-devat_private Subject: ASP Security Hello, I am doing a vulnerability development on a product which uses some .ASP pages, and I am looking for some papers regarding security issues of ASP code. Anyone? Thanks. --- Time is short. I am short. Therefore I am time. Ishay Sommer **************************************************************************** * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. **************************************************************************** *
This archive was generated by hypermail 2b30 : Sun Jan 27 2002 - 20:19:55 PST