SQL Server Performance

Vulnerability in ASP.NET Could Allow Information Disclosure:: Microsoft Security Advisory (2416728)

Discussion in 'Other SQL Server Blogs around the Web' started by Anonymous, Sep 21, 2010.

  1. Anonymous New Member

    Here is the update and workaround about the vulnerability in ASP.NET: Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploited this vulnerability could view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config. This would allow the attacker to tamper with the contents of the data. By sending back the altered contents to an affected server, the attacker could observe the...(<a href="http://sqlserver-qa.net/blogs/dotnet_40/archive/2010/09/21/vulnerability-in-asp-net-could-allow-information-disclosure-microsoft-security-advisory-2416728.aspx">read more</a>)<img src="http://sqlserver-qa.net/aggbug.aspx?PostID=9568" width="1" height="1">

Share This Page