| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a45400c30708152248j529a383bq37a126fbca1d018d@mail.gmail.com>
Date: Wed, 15 Aug 2007 22:48:05 -0700
From: "d e f c o n" <defconoii@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: I was browsing the web and noticed this,
anyone have an idea?
I am getting an error on my website when I input `--1--` as login and
password, how do I patch this and what does this mean? Could I get hacked?
Or is this nothing to worrie about?
defcon
Offending URL: https://somewebsite.com
Source: System.Web
Message: Input string was not in a correct format.
Stack trace: at System.Web.UI.Page.HandleError(Exception e) at
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint) at
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at
System.Web.UI.Page.ProcessRequest() at
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at
System.Web.UI.Page.ProcessRequest(HttpContext context) at
ASP.loginpage_aspx.ProcessRequest(HttpContext context) at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists