Early this week, two security researchers, Juliano Rizzo and Thai Duong, implemented an attack that exploits the way ASP.NET applications handle encrypted session cookies (see more details here). They discussed it in detail at the Ekoparty conference in Argentina. Their research paper is Practical Padding Oracle Attacks.
In cryptography, an oracle is a system that gives hints in response to the questions you ask it. This attack exploits a vulnerability in ASP.NET that makes it act as a padding oracle: by observing how the server responds to a tampered ciphertext, an attacker learns whether its padding was valid. This vulnerability is explained in detail in Understanding the ASP.NET Vulnerability.
This vulnerability allows an attacker to decrypt the information stored in the ViewState object. If sensitive information is stored there, such as passwords or database connection strings, that data is compromised. If an application uses ASP.NET 3.5 SP1 or above, the attacker can also use this encryption vulnerability to retrieve the contents of any file the worker process has access to, for example the web.config file.
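The condition that turns a server into a padding oracle is easy to reproduce in a few lines. The example below is added here and is not code from the post or from ASP.NET: it uses a constructed toy block cipher (a 4-round Feistel network over HMAC-SHA256, standing in for AES) in CBC mode with PKCS#7 padding, a constructed key and message, and hypothetical function names. The "vulnerable" receiver MACs the plaintext and then encrypts, so it has to strip padding before it can check the MAC, and a padding failure and a MAC failure surface as two different errors. The "hardened" receiver authenticates the IV and ciphertext before decrypting anything and reports every failure identically, so there is nothing left for a client to distinguish.

```python
import hashlib
import hmac
import os

BLOCK = 16   # block size in bytes
ROUNDS = 4   # Feistel rounds of the toy cipher
TAG = 32     # HMAC-SHA256 output length


class PaddingError(Exception):
    """Vulnerable path: PKCS#7 padding was malformed."""


class MacError(Exception):
    """Vulnerable path: MAC did not verify."""


class DecryptError(Exception):
    """Hardened path: the single generic failure."""


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed one-way round function, 8-byte output (constructed toy, not AES).
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, _xor(padded[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        blk = ct[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, blk), prev))
        prev = blk
    return b"".join(out)


def pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1] if data else 0
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise PaddingError("bad padding")
    return data[:-n]


def _keys(key: bytes):
    # Separate encryption and MAC keys derived from one secret.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())


# Vulnerable construction: MAC-then-encrypt, padding checked before the MAC,
# and the two failure modes are reported differently (the oracle).
def encrypt_vulnerable(key: bytes, msg: bytes) -> bytes:
    ek, mk = _keys(key)
    tag = hmac.new(mk, msg, hashlib.sha256).digest()
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(ek, iv, pad(msg + tag))


def decrypt_vulnerable(key: bytes, blob: bytes) -> bytes:
    ek, mk = _keys(key)
    data = unpad(cbc_decrypt(ek, blob[:BLOCK], blob[BLOCK:]))  # may raise PaddingError
    msg, tag = data[:-TAG], data[-TAG:]
    if not hmac.compare_digest(tag, hmac.new(mk, msg, hashlib.sha256).digest()):
        raise MacError("bad mac")
    return msg


# Hardened construction: encrypt-then-MAC over IV||ciphertext, verified first,
# and every failure collapses into one indistinguishable error.
def encrypt_hardened(key: bytes, msg: bytes) -> bytes:
    ek, mk = _keys(key)
    iv = os.urandom(BLOCK)
    body = iv + cbc_encrypt(ek, iv, pad(msg))
    return body + hmac.new(mk, body, hashlib.sha256).digest()


def decrypt_hardened(key: bytes, blob: bytes) -> bytes:
    ek, mk = _keys(key)
    body, tag = blob[:-TAG], blob[-TAG:]
    expected = hmac.new(mk, body, hashlib.sha256).digest()
    if len(body) < 2 * BLOCK or len(body) % BLOCK or not hmac.compare_digest(tag, expected):
        raise DecryptError("decryption failed")
    try:
        return unpad(cbc_decrypt(ek, body[:BLOCK], body[BLOCK:]))
    except PaddingError:
        raise DecryptError("decryption failed") from None


def failure_kind(decrypt_fn, key: bytes, blob: bytes):
    """What a client observes for a given ciphertext: the error class name, or None on success."""
    try:
        decrypt_fn(key, blob)
        return None
    except (PaddingError, MacError, DecryptError) as exc:
        return type(exc).__name__


def flip_byte(blob: bytes, index: int) -> bytes:
    b = bytearray(blob)
    b[index] ^= 0xFF
    return bytes(b)
```

Flipping a byte of the IV leaves the final block's padding intact, so the vulnerable receiver reports `MacError`; flipping the last byte of the second-to-last ciphertext block corrupts the pad byte and it reports `PaddingError`. That difference in responses is the oracle. The hardened receiver answers `DecryptError` to both, because the tag check fails before the padding is ever examined. The same principle applies to ASP.NET: authenticate before decrypting, and never let the client tell one failure from another, whether by error message, status code or timing.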
Microsoft has released a security advisory about the problem: Microsoft Security Advisory (2416728). If you or your clients run ASP.NET web sites, you must apply the changes described in Scott Guthrie: ASP.NET Security Vulnerability.
Update: Also take a look at Scott Guthrie's FAQ about the ASP.NET Security Vulnerability.