Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Microsoft Knowledge Base Article - 887459

from [John Galt] Network Security [Permanent Link]
Subject: Microsoft Knowledge Base Article - 887459
Date: Thu, 7 Oct 2004 08:04:50 -0500 
Group:

A very strange posting from Microsoft about preventing canonicalization abuse 
in ASP.NET, URL:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;887459

I wonder if this is related to the ASP.NET Authentication issue raised by 
toby@CREATOR.CO.UK a few weeks ago? I tried to reproduce his bug but could not 
find a problem. Has anyone else been successful reproducing or know why 
Microsoft is posting this fix?

Thanks.
-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

--
NTBugtraq Editor's Note:

Want to reply to the person who sent this message? This list is configured such 
that just hitting reply is going to result in the message coming to the list, 
not to the individual who sent the message. This was done to help reduce the 
number of Out of Office messages posters received. So if you want to send a 
reply just to the poster, you'll have to copy their email address out of the 
message and place it in your TO: field.
--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Microsoft Knowledge Base Article - 887459, John Galt <=
Previous by Date:  Re: Darn if you do Darn if you don't., Brian S. Bergin
Next by Date:  Re: ASP.Net vulnerability, Brett Hill
Previous by Thread:  ASP.Net vulnerabillity, Steve Shockley
Next by Thread:  [Full-Disclosure] RE: Disclosure policy in Re: RealPlayer vulnerabilities, Drew Copley
Indexes:  [Date] [Thread] [Top] [All Lists]