[Maine-pm] Perl/CGI exploits
maine-pm at mail.pm.org
maine-pm at mail.pm.org
Wed Aug 20 09:09:23 CDT 2003
I prefer php for web scripting lately, though I'm sure it has it's own set of security vulnerabilities. I still use perl for it's rich set of modules and SNMP support, but limit my development to command line scripts that run as cron jobs. Those jobs update MySQL databases and my php scripts act as a front end for users who want to search the database.
I couldn't get to Phrack.org, my company proxy classifies it as a "criminal skills" site! (Or should that be skillz?) Have to check it from home.
Ron Lussier
L.L. Bean, Inc.
Network Management Analyst
(207) 552-5152
>>> <maine-pm at mail.pm.org> 08/20/03 06:25AM >>>
I was reading Phrack the other day and came across this old, but interesting article that details some potential problems in scripts: http://www.phrack.org/show.php?p=55&a=7
I was curious if anyone had any experiences with sloppy/vulnerable Perl scripts (written by others, of course) or tips on writing secure scripts.
Thanks
------------------------------------------------
Joe Minieri, CISSP
Director of Application Engineering
OpenService
110 Turnpike Road, Suite 308
Westborough, MA 01581
Phone: 508-380-6372
AIM: minieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/maine-pm/attachments/20030820/0a978ab0/attachment.htm
More information about the Maine-pm
mailing list