Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: On product vulnerability history and vulnerability complexity

Re: On product vulnerability history and vulnerability complexity

From: Javor Ninov <drfrancky_at_securax.org>
Date: Tue, 04 Apr 2006 10:49:02 +0300

Sorry if i sound rude but:
Gadi Evron wrote:

> Looking even at web applications and their history one can easily tell if:
> 1. They are professionally written.
> 2. The vulnerabilities seen before and the ones we could find are not
> trivial or really say anything about the coder.
>
> That's how we chose WordPress for blogging.
So you mean that XSS is not trivial and difficult to spot ?
For today code XSS is unacceptable and speaks very for the author.

--
Javor Ninov aka DrFrancky
securitydot.net

application/pgp-signature attachment: OpenPGP digital signature

Received on Apr 04 2006

This message: [ Message body ]
Next message: Måns Nilsson: "RE: recursive DNS servers DDoS as a growing DDoS problem"
Previous message: Martin Pitt: "[USN-267-1] mailman vulnerability"
In reply to: Gadi Evron: "Re: On product vulnerability history and vulnerability complexity"
Next in thread: Steven M. Christey: "Re: On product vulnerability history and vulnerability complexity"
Reply: Steven M. Christey: "Re: On product vulnerability history and vulnerability complexity"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]