[Full-disclosure] I was browsing the web and noticed this, anyone have an idea?
d e f c o n
defconoii at gmail.com
Thu Aug 16 06:48:05 BST 2007
I am getting an error on my website when I input `--1--` as login and
password, how do I patch this and what does this mean? Could I get hacked?
Or is this nothing to worrie about?
defcon
Offending URL: https://somewebsite.com
Source: System.Web
Message: Input string was not in a correct format.
Stack trace: at System.Web.UI.Page.HandleError(Exception e) at
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint) at
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at
System.Web.UI.Page.ProcessRequest() at
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at
System.Web.UI.Page.ProcessRequest(HttpContext context) at
ASP.loginpage_aspx.ProcessRequest(HttpContext context) at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070815/63a18232/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.