Important ASP.NET notice for Webmasters - Announcements

Welcome Guest! To enable all features please Login or Register.

Notification

Error

BV Commerce Forum » BV Commerce News » Announcements » Important ASP.NET notice for Webmasters

Important ASP.NET notice for Webmasters

Options

Previous Topic Next Topic

Marcus		#1 Posted : Thursday, October 7, 2004 8:00:19 AM(UTC)
Rank: Member Joined: 11/5/2003(UTC) Posts: 1,786		There is a known vulnerability in ASP.NET that could allow a hacker to access areas of a web site that relys on the <authorization> section of the web.config file for security. BVC 2004 does use this section to protect the /bvconfigure folder but other areas, like the /BVAdmin folder, are protected by a custom security check that isn't vulnerable to this type of attack. A quick fix is available by adding a few lines to your global.asax.vb file or by running the latest IIS6 with URLScan. You can read more about this security issue here: http://www.microsoft.com/security/incident/aspnet.mspx


User Profile View All Posts by User View Thanks

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.