SecurityRatty: tag: servlet

SEARCH RESULTS

Showing 1-2 of 2 records

Minimizing the Attack Surface, Part 1

2008-06-24 19:09:34 by Chris Eng in Zero in a bit

...Servlet(s) for processing requests. Have you compared what that Servlet can do against what you need it to do A fictitious example may help illustrate further. Imagine you just downloaded a new library called WhizBang. You follow the installation instructions to define and map two servlets in your web.xml file, WhizServlet and BangServlet,...

Tags: attack surface, custom web applications, web, services, prevent unnecessary services, unnecessary services, security, third-party libraries, fix security holes

Minimizing the Attack Surface, Part 2

2008-07-07 21:10:25 by Chris Eng in Zero in a bit

...servlet had an upload function An Example Heres a close-to-home example related to my post about DWR 2.0.5 from the other day. DWR is an Ajax framework that has a variety of operating modes. In-house, we use a subset of DWRs full functionality specifically, we interact with it using the plaincall method only, so we made sure that the features...

Tags: dwr-invoker dwr, dwr-invoker, dwr library, dwr, library, security, dwr dispatcher, security posture, point-in-time application profile

Showing 1-2 of 2 records

BROWSE CATEGORIES

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo