ASP.NET POET Vulnerability

From OWASP
Revision as of 16:45, 20 September 2010 by ParanoidMike (talk | contribs) (Added introductory sentences as a first step towards Dinis' recommended "good/objective description of the problem, good technical desciption of the problem and tons of references")

Jump to: navigation, search

This page contains details about the ASP.NET POET vulnerability disclosed on 2010-09-17. This vulnerability exists in all versions of ASP.NET (all versions released through 2010-09-18). As of 2010-09-20, there is no fix available to resolve the vulnerability; in the meantime, Microsoft strongly urges all ASP.NET deployments perform the recommended workaround to mitigate the vulnerability in the short-term.

Advisory

Fixes (via web.config change)

Blogs, News, Articles

discussion Threads