[Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
Arian J. Evans
arian.evans at anachronic.com
Wed Apr 25 18:39:28 EDT 2007
On 4/25/07, Andy Steingruebl <steingra at gmail.com> wrote:
>
> Now all you have to do is find a site running HTTP digest
> authentication. Care to speculate on the count of those?
Sure. digest auth >= US ASCII & UTF-7 support.
-ae
--
> Andy Steingruebl
> steingra at gmail.com
> _______________________________________________
> Webappsec mailing list
> Webappsec at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/webappsec
>
--
Arian Evans
solipsistic software security sophist
"I spend most of my money on motorcycles, martinis, and mistresses. The rest
of it I squander."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/webappsec/attachments/20070425/dc8f0770/attachment.html
More information about the Webappsec
mailing list