.pdf security using ASP.NET security...

From: Laurent Allardin (laurent@2k1soft.com)
Date: 07/22/02

Next message: Shachar Matyas: "Re: .net object on the client side"
Previous message: Arild Bakken: "Re: PLEASE HELP: Problem with security"
Next in thread: Mike Moore: "RE: .pdf security using ASP.NET security..."
Reply: Mike Moore: "RE: .pdf security using ASP.NET security..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Laurent Allardin" <laurent@2k1soft.com>
Date: Mon, 22 Jul 2002 12:39:46 -0400

Hello,

I am wondering if using the aspnet_isapi.dll to handle PDF files security
access (or even JPG files, GIF, DOC, XLS, etc...) using ASP.NET security
option could cause a performance hit, security issue for the Web Server
etc... What are the impact (security, server impact, performance)?

Thank you for your help!

Laurent Allardin, MCSD
2K1Soft Solutions inc.
laurent@2k1soft.com
www.2k1soft.com

Next message: Shachar Matyas: "Re: .net object on the client side"
Previous message: Arild Bakken: "Re: PLEASE HELP: Problem with security"
Next in thread: Mike Moore: "RE: .pdf security using ASP.NET security..."
Reply: Mike Moore: "RE: .pdf security using ASP.NET security..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[NT] Poisoning Cached HTTPS Documents in Internet Explorer
... Get your security news from a reliable source. ... "poison" a user's browser cache with a malicious document that will later ... The attacker can exploit this vulnerability for "replacing" HTML ... to communicate with a malicious web server over HTTPS without the browser ...
(Securiteam)
[NT] Webserver 4D Weak Password Preservation Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... complete Web Server environment written entirely on top of 4th Dimension, ... WS4D web server saves the passwords somewhere insecure. ...
(Securiteam)
Re: 2003 Web Server Security flaw
... "Locked-down windows 2003 Web Server used only to host web sites". ... What is your logic/rationale for Media Player being a required install ... The Media Player patch was the ONLY that FAILED. ... > When talking about computer security, there are areas that have no such ...
(microsoft.public.windows.server.security)
Web session tracking security prob. Vulnerable: IIS and ColdFusion (maybe others)
... SECURITY PROBLEMS WITH WEB SERVERS' SESSION TRACKING MECHANISMS. ... 2001 we reported the following problem (with specifics to IIS and SITESERVER) to the Microsoft Security Response Center. ... These vulnerabilities, especially when combined with well-known cross-site scripting vulnerabilities, could cause loss of confidentiality, failure of non-repudiation and fraud. ... The browser stores and returns the "ASPSESSIONID" or "CFID/CFTOKEN" values with each subsequent request to the web server. ...
(Vuln-Dev)
Re: Recommended Windows Hosts
... disagreement with their business strategy though and their ... >attempt to repair security flaws...". ... My point is that they are patching a damaged architecture. ... >recommended not allowing parent paths on the Web server. ...
(microsoft.public.frontpage.client)