Programmatically check for canonicalization issues with ASP.NET

Programmatically check for canonicalization issues with ASP.NET

What You Should Know About a Reported Vulnerability in Microsoft ASP.NET...

Check here:

http://www.microsoft.com/security/incident/aspnet.mspx published on 10/6/2004

Microsoft KB article: http://support.microsoft.com/?kbid=887459 published on 10/5/2004

Published Wednesday, October 06, 2004 1:35 AM by sanjeebsarangi

Comments

Wednesday, October 06, 2004 12:32 PM by TrackBack

# MS KB 887459 : Work Around for the IIS5/ASP.NET Authentication Vulnerability

The hills are alive with the sound of music KB links echoed through blogosphere. As reported here here here here here here here here here here (and too many other places to mention), MS has released a bulletin regarding this vulnerability. If you want to correct the problem, you should add the code from KB article 887459 to your Global.asax (or Global.asax.cs or Global.asax.vb, as the case may be). I still recommend using more fine-grained security checks on each page like I mentioned earlier and that you run URLScan and IISLockdown (if you can). Or upgrade to IIS 6. Better yet, do all of the above.
Saturday, March 12, 2005 5:37 PM by TrackBack

# MS KB 887459 : Work Around for the IIS5/ASP.NET Authentication Vulnerability

The hills are alive with the sound of music KB links echoed through blogosphere. As reported here here here here here here here here here here (and too many other places to mention), MS has released a bulletin regarding this vulnerability. If you want to correct the problem, you should add the code from KB article 887459 to your Global.asax (or Global.asax.cs or Global.asax.vb, as the case may be). I still recommend using more fine-grained security checks on each page like I mentioned earlier

Leave a Comment

(required) 
(required) 
(optional)
(required)