Re: SSL VPNs and security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: SSL VPNs and security
From: Michal Zalewski <lcamtuf@xxxxxxxxxxxx>
Date: Fri, 9 Jun 2006 08:31:51 +0200 (CEST)
Cc: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
In-reply-to: <9b2461300606082317r7f16dafcv3b531e5652747c85@xxxxxxxxxxxxxx>
References: <Pine.LNX.4.58.0606072320530.32681@dione> <9b2461300606082317r7f16dafcv3b531e5652747c85@xxxxxxxxxxxxxx>

On Fri, 9 Jun 2006, E Mintz wrote:

> How about some real-world, application specific exploits?

There's an example of a XSS that can be used to compromise Cisco Web VPN
session in the text.

> So, please show me an example of an actual compromise and I'll listen.
> Otherwise, put up, or shut up!

You're not strictly required to listen, you know ;)

/mz

Follow-Ups:
- Re: SSL VPNs and security
  - From: E Mintz

References:
- SSL VPNs and security
  - From: Michal Zalewski

Prev by Date: Re: SSL VPNs and security
Next by Date: Secunia Research: SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities
Previous by thread: Re: SSL VPNs and security
Next by thread: Re: SSL VPNs and security
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux