Santa Clara, Calif. - May 10, 2000 - Perfecto Technologies, the leading
developer of Web application security management software, today released
its latest Black Watch Labs advisory, which reveals how the FormMail
script allows an attacker to view several environment variables
and so gain useful information about the site, making
further attacks more feasible. FormMail contains a debug field
named "env_report", whose value is a comma-separated list of environment
variables (accessed via $ENV{name}). These
variables (if they exist) are embedded into the message body.
Furthermore, the script does not check the integrity of the
recipient, so the recipient field can be changed and the message
sent to the attacker's account. The attacker thereby
gains the environment information. For more information go to https://www.perfectotech.com/blackwatch/.
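The two checks the advisory finds missing can be enforced server-side, as in this added example (not FormMail's own code and not taken from the advisory). The allowlist contents, the helper names check_recipient and filter_env_report, and the sample submissions are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example (not FormMail's code): server-side checks for the two
# form fields the advisory names, "recipient" and "env_report".
use strict;
use warnings;

# Assumption: the site owner fixes these lists in the script itself,
# so nothing in a submitted form can widen them.
my %ALLOWED_RECIPIENT = map { lc($_) => 1 } ('webmaster@example.com');
my %ALLOWED_ENV       = map { $_ => 1 } qw(REMOTE_HOST HTTP_USER_AGENT);

# Return the recipient if it is exactly one allowlisted address, else undef.
sub check_recipient {
    my ($recipient) = @_;
    return unless defined $recipient;
    return if $recipient =~ /[\r\n,]/;    # no extra headers, no address lists
    return $ALLOWED_RECIPIENT{ lc $recipient } ? $recipient : undef;
}

# Split env_report on commas and keep only allowlisted variable names.
sub filter_env_report {
    my ($env_report) = @_;
    return () unless defined $env_report;
    my @names = map { my $n = $_; $n =~ s/^\s+|\s+$//g; $n } split /,/, $env_report;
    return grep { $ALLOWED_ENV{$_} } @names;
}

# Constructed sample submissions: a normal one, one with a changed
# recipient, and one asking for variables outside the allowlist.
my @submissions = (
    { recipient => 'webmaster@example.com', env_report => 'REMOTE_HOST' },
    { recipient => 'someone@elsewhere.example', env_report => 'REMOTE_HOST' },
    { recipient => 'webmaster@example.com', env_report => 'PATH, HTTP_USER_AGENT' },
);

for my $form (@submissions) {
    my $to = check_recipient($form->{recipient});
    unless (defined $to) {
        print "rejected: recipient '$form->{recipient}' is not allowlisted\n";
        next;
    }
    my @vars = filter_env_report($form->{env_report});
    print "accepted: mail to $to, env_report limited to [@vars]\n";
}
```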
About Black Watch Labs
(www.perfectotech.com/blackwatch/)
Black Watch Labs is a research group operated by Perfecto Technologies
Inc., the leader in Web Application Security Management. Black
Watch Labs was established in order to further the knowledge
of the Internet community in the arena of Web application security
management. Black Watch Labs publishes security advisories regularly,
which are maintained at https://www.perfectotech.com/blackwatch/, and are also posted
to relevant security lists and Web sites. Black Watch Labs also
operates a Web application security mailing list, which can
be subscribed to at https://www.perfectotech.com/blackwatch/. For more info about
Black Watch Labs and Web Application Security Management, please
call (408) 352-2000 or email [email protected].
About Perfecto Technologies
Founded in 1997 and headquartered in Santa Clara,
Calif., Perfecto Technologies is the leader in
Web Application Security Management software.
AppShield, Perfecto Technologies' flagship
product, is the first to provide extreme security
for customer-facing applications in dynamic Web
site environments. Perfecto Technologies has
customers in many sectors, including banking,
e-tailing, finance, government and healthcare.
Privately held, Perfecto Technologies is funded
by blue-chip venture capital firms and industry
leaders, including Sequoia Capital, Walden and
Intel Corporation. More information about
Perfecto Technologies may be obtained by visiting
the Company's Web site at www.perfectotech.com or
by calling the Company directly at (408)
352-2000.
# # #
For Immediate Release
Contact:
Diane Fraiman
Perfecto Technologies, Inc.
(408) 352-2000
[email protected]
Kevin Pedraja
Sterling Communications
(408) 441-4100
[email protected]