Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Demo ASP.NET Crypto Attack

Posted by timothy on Sunday September 19, 2010 @08:57AM from the theoretical-no-more dept.

Trailrunner7 writes "The crypto attack against ASP.Net Web apps has gotten a lot of attention this week, and with good reason. Microsoft on Friday night issued a security advisory about the bug, warning customers that it poses a clear danger to their sites. Also on Friday, the researchers who found the bug and implemented the attack against it released a slick video demo of the attack, clearly showing the seriousness of the problem and how simple it is to exploit with their POET tool."

1 of 98 comments (clear)

Min score:

Reason:

Sort:

Re:Not just ASP.NET by spongman · 2010-09-19 11:19 · Score: 3, Interesting

clueless developers who enable full exception information

this is irrelevant and misleading, the exploit does not require the stack trace pages to be enabled in order to be effective.