Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
ASP.NET Form Authentication Flaw Exposed
Message
From
15/09/2010 15:55:12
Al Doman
M3 Enterprises Inc.
North Vancouver, British Columbia, Canada
 
 
To
15/09/2010 15:08:03
Mike Cole
Yellow Lab Technologies
Stanley, Iowa, United States
General information
Forum:
ASP.NET
Category:
Other
Title:
Re: ASP.NET Form Authentication Flaw Exposed
Miscellaneous
Thread ID:
01481325
Message ID:
01481339
Views:
42
>http://visualstudiomagazine.com/articles/2010/09/14/aspnet-security-hack.aspx

http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310 , and some of the comments to that post.

Depends on how fast MS can patch the vuln. In the interim they'll probably recommend mitigation/workarounds, perhaps including the technique in the link you cite.

If you admin a web-facing site, be vigilant... but that's nothing new.
Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform