Blog Stats
  • Posts - 178
  • Articles - 0
  • Comments - 98
  • Trackbacks - 172

 

<< Finally GMail Gets Contacts | Home | Seven GMail Invites >>

Fixing the ASP.NET Authentication Vulnerability

Here is a great article concerning the recently discovered ASP.NET authentication vulnerability and how to fix it. Everyone should check this out if you code ASP.NET apps.

http://weblogs.asp.net/rmclaws/archive/2004/10/06/238557.aspx

Print posted @ Wednesday, October 06, 2004 9:03 AM

Feedback

# MS KB 887459 : Work Around for the IIS5/ASP.NET Authentication Vulnerability

Gravatar The hills are alive with the sound of music KB links echoed through blogosphere. As reported here here here here here here here here here here (and too many other places to mention), MS has released a bulletin regarding this vulnerability. If you want to correct the problem, you should add the code from KB article 887459 to your Global.asax (or Global.asax.cs or Global.asax.vb, as the case may be). I still recommend using more fine-grained security checks on each page like I mentioned earlier and that you run URLScan and IISLockdown (if you can). Or upgrade to IIS 6. Better yet, do all of the above.
10/6/2004 12:35 PM | Sirsha Development Resources Blo

# re: Fixing the ASP.NET Authentication Vulnerability

Gravatar http://dotnetjunkies.com/WebLog/stefandemetz/archive/2004/10/02/27441.aspx 10/8/2004 11:33 AM | stefandemetz

# MS KB 887459 : Work Around for the IIS5/ASP.NET Authentication Vulnerability

Gravatar The hills are alive with the sound of music KB links echoed through blogosphere. As reported here here here here here here here here here here (and too many other places to mention), MS has released a bulletin regarding this vulnerability. If you want to correct the problem, you should add the code from KB article 887459 to your Global.asax (or Global.asax.cs or Global.asax.vb, as the case may be). I still recommend using more fine-grained security checks on each page like I mentioned earlier 3/12/2005 5:40 PM | Sirsha Development Resources Blo
Post a comment





 

 

 

Copyright © Jason Bentley