problem to translate DSA 125 in french

To: debian-security@lists.debian.org
Cc: Pierre Machard <pmachard@tuxfamily.org>, Martin.Quinson@ens-lyon.fr
Subject: problem to translate DSA 125 in french
From: Martin Quinson <Martin.Quinson@ens-lyon.fr>
Date: Fri, 26 Apr 2002 08:59:50 +0200
Message-id: <[🔎] 20020426065950.GJ687@blaise.ens-lyon.fr>

Hello,

We have an ongoing effort to keep all DSA translated to french. But we have
a problem with the DSA125:

  Yuji Takahashi discovered a bug in analog which allows a cross-site
  scripting type attack. It is easy for an attacker to insert arbitrary
  strings into any web server logfile. If these strings are then analysed by
  analog, they can appear in the report. By this means an attacker can
  introduce arbitrary Javascript code, for example, into an analog report
  produced by someone else and read by a third person. Analog already
  attempted to encode unsafe characters to avoid this type of attack, but
  the conversion was incomplete. 
  
What is a cross-site scripting type attack ?

If there is some french speaking people on this list, could you propose a
translation ? If not, could you explain in english what kind of attack it is?

Thanks for all, Mt.

PS: keep us in CC, since we are not on the ML.


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: problem to translate DSA 125 in french
  - From: Andrew Pimlott <ota-18@andrew.pimlott.net>

Prev by Date: unsubscribe
Next by Date: how to unsubscribe.
Previous by thread: Re: IPtables log summary?
Next by thread: Re: problem to translate DSA 125 in french
Index(es):
- Date
- Thread