Vulnerability Development mailing list archives

Re: jsp malicious coding

From: Stephane Pierre Bordas <spb276 () MERLE ACNS NWU EDU>
Date: Wed, 30 Aug 2000 08:26:51 -0500

Bruno,

I have a question in ruturn: what exactly is this jsp scripting ? Can
anyone explain it to me, I am frustrated not to know more about it...

thanks for any kind of help,

Stephane

On Tue, 29 Aug 2000, Bruno Cardoso wrote:

I'm not really into jsp, but something came up and I would appreciate
any insights on this matter.
Is there any kind of malicious coding on jsp? Something like the fopen
function on php. I'm really concerned about this because I have some
clients using jps over Apache and I wouldn't enjoy any kind of malicious
activity such as gettin' my /etc/passwd or /etc/shadow via jps
scripting...

Any ideas?? :)

Regards
--
Bruno Cardoso
Easynet Internet Services
Fingerprint C3DF 809E C00B D925 71A8  90BA C75D D0B8 5D46 D4FD


_______________________________________________________________________________
Stephane P. Bordas
Ph.D Student in Theoretical and Applied Mechanics
Northwestern University, Evanston, IL, U.S.A

http://www.tam.nwu.edu/sbordas/
_______________________________________________________________________________
"On ne doit appeler science que l'ensemble des recettes qui marchent, le
reste n'est que literature"

Paul Valery.

Current thread:

jsp malicious coding Bruno Cardoso (Aug 29)
- Re: jsp malicious coding drizzt . dourden (Aug 30)
- Re: jsp malicious coding Stephane Pierre Bordas (Aug 30)
  - Re: jsp malicious coding Jurriaan Kamer (Aug 31)