This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

ASP.NET POET Vulnerability

From OWASP
Revision as of 20:08, 4 October 2010 by Gfedon (talk | contribs) (Not reccomended Fixes (via web.config change))

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page contains details about the ASP.NET POET vulnerability disclosed on 2010-09-17. This vulnerability exists in all versions of ASP.NET (all versions released through 2010-09-18). As of 2010-09-20, there is no fix available to resolve the vulnerability; in the meantime, Microsoft strongly urges all ASP.NET deployments perform the recommended workaround to mitigate the vulnerability in the short-term.

Advisory

Recommended Fixes

Not recommended Fixes (via web.config change)

Why we do not recommend these workarounds

Blogs, News, Articles

File Access Exploits

discussion Threads