('binary' encoding is not supported, stored as-is)
Thanks for all the reply. Maybe I do not put it very clearly in the first email. The auditor's concerns are: Exposure to buffer overflow and environment attacks. So I believe their concern is on server side. Correct me if I'm wrong. They do not go for code review.
What control can we put in place to mitigate the risk? Thanks.
-------------------------------------------------------------------------
This List Sponsored by: Watchfire
Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
Received on Jan 11 2006
Intro
