Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] Live is live
Date: Wed Sep 20 2006 - 12:10:39 CDT
On Wed, 20 Sep 2006 16:48:36 BST, Jason Duke said:
> To be fair to Microsoft here, the web server has stopped an XSS attack
> happening rather than enabled an XSS attack.
> The error page may not be pretty but it isn't dangerous , at least from
> the example you sent.
On the other hand, being unable to recover well enough to present a
pretty error page indicates that the error handling is still shaky at
best, and probably a productive target for attitional attempts...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/