Re: Massive ASP.Net Forms Authentication vulnerability
From: Prodip Saha (psaha_at_bear.com)
Date: 10/04/04
- Next message: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Previous message: [MSFT]: "RE: 403 Error Web App to Web App with Client Certificates"
- Maybe in reply to: Mike Bridge: "Re: Massive ASP.Net Forms Authentication vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 4 Oct 2004 09:39:16 -0500
Greg,
I have confirmed this security hole on XP Professional with IE6. This is a
reminder to the companies- never solely rely on microsoft for their
application security.
Thanks,
Prodip
"Greg Hurlman" <ghurlman*AT*squaretwo*DOT*net> wrote in message
news:7FAE1C11-2A1D-46E4-83C9-441BE8B2944E@microsoft.com...
>
http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754
>
> This is, IMNSHO, the worst thing I've ever heard of.
>
> Spread the word, test your sites, and send angry emails to Microsoft.
> ---
> Greg Hurlman
> ghurlman*AT*squaretwo*DOT*net
> http://blogs.squaretwo.net
- Next message: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Previous message: [MSFT]: "RE: 403 Error Web App to Web App with Client Certificates"
- Maybe in reply to: Mike Bridge: "Re: Massive ASP.Net Forms Authentication vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
