Search| Browse| Contribute
Library| Blogs| Jobs| Podcasts| Wikis| Feeds
Page Location:
Home > Browse > Contributed by Organizations or Campuses; Articles, Papers, and Reports; ... (3 records)
Alternate ViewsRSS

Contributed by Organizations or Campuses; Articles, Papers, and Reports; and Network Vulnerability Assessment

Recent library resources tagged with Contributed by Organizations or Campuses; Articles, Papers, and Reports; and Network Vulnerability Assessment.

Unauthenticated Authentication: Null Bytes and the Affect on Web-based
Added by the EDUCAUSE Librarian
Title:Unauthenticated Authentication: Null Bytes and the Affect on Web-based (ID: CSD4875)
Author(s):Alex Everett (Oklahoma State University)
Origin:Contributed by Organizations or Campuses (2006)
Type:Articles, Papers, and Reports
Abstract:This paper describes a vulnerability that may affect web-based applications that insecurely implement LDAP simple binds for the authentication of users. Web-based applications that fail to properly sanitize a user-submitted username and password may be vulnerable. Successful exploitation may allow for a remote anonymous user to authenticate to the web-based application as any existing user. The exploits described in this paper are most closely related to the Poison NULL byte attacks described in 1999 by Rain Forest Puppy, although utilized for a new purpose [1].
View this resource:
http://www.educause.edu/ir/library/pdf/CSD4875.pdf
| | | |
Login to post comments  Send to a Friend  2043 reads

Server hack at Georgetown University probed
Added by the EDUCAUSE Librarian
Title:Server hack at Georgetown University probed (ID: CSD4544)
Author(s):Jaikumar Vijayan (PC World)
Origin:Contributed by Organizations or Campuses (2006)
Type:Articles, Papers, and Reports
Abstract:Data on as many as 41,000 people may have been compromised.
View this resource:
http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,109245,00.html[Off site]
| | | | | | |
Login to post comments  Send to a Friend  2677 reads

Vulnerability Database Opens
Added by the EDUCAUSE Librarian
Title:Vulnerability Database Opens (ID: CSD3192)
Author(s):Brian Robinson (Harvard University) and Brian Robinson
Origin:Contributed by Organizations or Campuses (2004)
Type:Articles, Papers, and Reports
Abstract:The Open Source Vulnerability Database (OSVDB), the work of a group of security industry volunteers, is an independent database aimed at logging all security vulnerabilities on the Internet. It has been in development since 2002, and just recently been opened for public use.
View this resource:
http://www.fcw.com/fcw/articles/2004/0412/web-osvdb-04-15-04.asp[Off site]
| |
Login to post comments  Send to a Friend  3304 reads