[nycphp-talk] worm/virus's hammering feedback scripts?
Daniel Convissor
danielc at analysisandsolutions.com
Tue Sep 13 07:51:05 EDT 2005
Hi Billy:
On Mon, Sep 12, 2005 at 10:22:38PM -0400, Billy Reisinger wrote:
> Yes, the person has to get the hack
> into the Content-type: header, but if this _is_ accomplished, the
> attacker can append characters or data to the message body, from what
> I understand. We're splitting hairs, here.
No, we're not. You said the user input for the body can't have
"content-type" in it, which is false.
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list