(more) Advanced SQL Injection

This paper addresses the subject of SQL Injection in a Microsoft SQL Server/IIS/Active Server Pages environment, but most of the techniques discussed have equivalents in other …

Network InSecurity

This technical brief will overview the inherent flaws that plague the internet today, making it vulnerable to corporate espionage, money laundering, grand larceny, trading …

Security and open source

Security problems in software are of course an extremely bad thing, regardless of the business model under which the software was written. I want to consider why anybody …

OpenSSH Remote Vulnerability Roundup

In a recent discussion about the Apache Chunk Handling vulnerability, which consisted of many debates and rants on how the reporting was done, ISS mentioned that they found …