Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Demo ASP.NET Crypto Attack

Posted by timothy on Sunday September 19, 2010 @08:57AM from the theoretical-no-more dept.

Trailrunner7 writes "The crypto attack against ASP.Net Web apps has gotten a lot of attention this week, and with good reason. Microsoft on Friday night issued a security advisory about the bug, warning customers that it poses a clear danger to their sites. Also on Friday, the researchers who found the bug and implemented the attack against it released a slick video demo of the attack, clearly showing the seriousness of the problem and how simple it is to exploit with their POET tool."

1 of 98 comments (clear)

Min score:

Reason:

Sort:

Re:Not as serious as it sounds by spongman · 2010-09-19 11:07 · Score: 0, Redundant

the http status code is enough error information in order for this exploit to work. RemoteOnly is irrelevant.