mailing list archives
Re: Is OWASP vulnerable ??
From: Paul Schmehl <pauls () utdallas edu>
Date: Sat, 10 Mar 2007 22:44:23 -0600
--On March 10, 2007 11:37:25 PM -0500 Valdis.Kletnieks () vt edu wrote:
You can't be serious. I can "control" a server and "force" it to give me
a 404 simply by typing in a page that doesn't exist. You know - like
Yeah, a 404 page controlled by the server might just be too chatty and
give away info - but if you can control the input that creates the 404
page, it gets more interesting...
Paul Schmehl (pauls () utdallas edu)
Senior Information Security Analyst
The University of Texas at Dallas
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: Is OWASP vulnerable ?? Andrew Farmer (Mar 10)