Re: Massive ASP.Net Forms Authentication vulnerability

From: Prodip Saha (psaha_at_bear.com)
Date: 10/04/04


Date: Mon, 4 Oct 2004 09:39:16 -0500

Greg,
I have confirmed this security hole on XP Professional with IE6. This is a
reminder to the companies- never solely rely on microsoft for their
application security.

Thanks,
Prodip

"Greg Hurlman" <ghurlman*AT*squaretwo*DOT*net> wrote in message
news:7FAE1C11-2A1D-46E4-83C9-441BE8B2944E@microsoft.com...
>
http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754
>
> This is, IMNSHO, the worst thing I've ever heard of.
>
> Spread the word, test your sites, and send angry emails to Microsoft.
> ---
> Greg Hurlman
> ghurlman*AT*squaretwo*DOT*net
> http://blogs.squaretwo.net