Security Holes That Run Deep

Security Holes That Run Deep
Mark Burnett, 2004-12-20

How a seemingly simply Microsoft bug betrayed its author's disdain for a wide range of secure coding principles.

Nothing new from MS here... 2004-12-21
Anonymous

The original asp. bug (add a dot to the end of an URL) and you get to see the page's source instead of the asp engine execute the code.

Seems these little parsing errors never go away.

http://home.mcyork.com/iansays/archives/000317.html...

[ more ]