WebApp Sec mailing list archives

RE: looking for advanced web hacking course

From: "Keifer, Trey" <Trey.Keifer () fishnetsecurity com>
Date: Thu, 13 Nov 2003 16:05:44 -0600

we went fairly detailed on the topic of stack/heap overflows


I'm interested to know, what kind of information did they discuss in regards to web apps and
stack/heap overflows? My experience has been that these types of vulnerabilities are not typically
found in web apps because A) they are usually based off C classes (strcpy, etc...) which are typically
not used on the web and B) languages like ASP.Net and Java have built-in bounds checking.

Trey Keifer
Security Engineer - Level II
Fishnet Security

Office: 816.421.6611
Cell: 816.710.6830
Toll Free: 888.732.9406
Fax: 816.421.3371

http://www.fishnetsecurity.com

Current thread:

Re: looking for advanced web hacking course, (continued)
- - - Re: looking for advanced web hacking course Tim Greer (Nov 13)
  - Re: looking for advanced web hacking course The Crocodile (Nov 13)
- Re: looking for advanced web hacking course minime (Nov 13)
  - Re: looking for advanced web hacking course A.D.Douma (Nov 13)
    - Re: looking for advanced web hacking course Mr. Rufus Faloofus (Nov 14)
    - Re: looking for advanced web hacking course Jarmo Joensuu (Nov 14)
- RE: looking for advanced web hacking course latte1 (Nov 13)
- RE: looking for advanced web hacking course Cuthbert, Daniel (Nov 13)
- RE: looking for advanced web hacking course Filip Maertens (Nov 13)
- RE: looking for advanced web hacking course Zhou, Joe [CC] (Nov 13)
- RE: looking for advanced web hacking course Keifer, Trey (Nov 13)
- RE: looking for advanced web hacking course Filip Maertens (Nov 19)