Accelerate your eCommerce ambitions with adeptCommerce Suite

SEO Egghead Consulting Group is a web development firm dedicated to creating custom, search-engine-optimized web site applications.

We specialize in eCommerce and content management web sites that not only render information beautifully to the human, but also satisfy the "third browser" - the search engine. To us, search engines are people too.

image description image description image description image description
Jul 31
image description
Author:
Jaimie Sirovich

Most deployed versions of Apache are potentially exploitable, as mod_rewrite has been found to be vulnerable to a stack smashing attack.  It is somewhat muted by the fact that only certain rules cause the problem.  The vulnerability is caused by an off-by-one error — the most common programming error known to man.  Many SEOs use mod_rewrite, but not all will be affected; I checked my rules, and I am not exploitable (otherwise I wouldn't post this), but I'm upgrading anything I have anyway.  This affects all branches of Apache  — 1.3 to 2.2.  The original report from McAfee is here.

Tell an amigo:
  • Sphinn
  • Digg
  • Reddit
  • del.icio.us
  • StumbleUpon
  • Facebook


Jun 30
image description
Author:
Jaimie Sirovich

Archived; click post to view.
Excerpt: Note: the code for the auditing script is located here. As a programmer, I cannot stress it enough. What is it? Escaping all data processed by your web application's code! It's a common security issue, but most people are only accustomed to it, these days, in the context of SQL. Every programmer worth salt knows that he must escape/sanitize data sent to a SQL database. Otherwise, carefully-constructed input can form a totally cool query that exposes and/or vandalizes data. Despite this, many programmers forget to escape SQL input; and even more of them forget to…

Tell an amigo:
  • Sphinn
  • Digg
  • Reddit
  • del.icio.us
  • StumbleUpon
  • Facebook