Firewall Wizards mailing list archives
Re: Application-level Attacks
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sat, 29 Jan 2005 10:47:27 -0500
Paul D. Robertson wrote:
Hmmm, but an SQL injection attack isn't really a protocol issue- it's an unexpected input issue-
It's an application-specific flaw in the application accepting the input, unless I really misunderstand how SQL injection works. If the thing that is broken is an "application" then attacks against that break are "application attacks" no? mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Application-level Attacks vbwilliams (Jan 28)
- Re: Application-level Attacks Adam Shostack (Jan 28)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Adam Shostack (Jan 30)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Paul D. Robertson (Jan 29)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Paul D. Robertson (Jan 29)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Paul D. Robertson (Jan 29)
- Re: Application-level Attacks M. Dodge Mumford (Jan 30)
- Re: Application-level Attacks Marcus J. Ranum (Jan 30)
- Re: Application-level Attacks Crispin Cowan (Jan 30)
- Re: Application-level Attacks Stephen P. Berry (Jan 30)
- Re: Application-level Attacks Adam Shostack (Jan 28)
- Re: Application-level Attacks Devdas Bhagat (Jan 30)