ASP.NET Security Vulnerability : Discovered in September 2010
On September 18, 2010, Micrsoft released a Microsoft Security Advisory about a security vulnerability in ASP.NET. This vulnerability exists in all versions of ASP.NET.
What is this vulnerability?
An attacker can request and download restricted files of an ASP.NET Application like the web.config file (which often contains sensitive data). An attacker can also decrypt data sent to the client in an encrypted state (For eg. ViewState).
There are several ways to get rid of this security vulnerability until microsoft release a patch for it.
More information about security vulnerability and its solution
Please visit the following link to read more about vulnerability and also get idea about possible solution to overcome this security vulnerabilty.
Read More : ASP.NET Security Vulnerability
What is this vulnerability?
An attacker can request and download restricted files of an ASP.NET Application like the web.config file (which often contains sensitive data). An attacker can also decrypt data sent to the client in an encrypted state (For eg. ViewState).
There are several ways to get rid of this security vulnerability until microsoft release a patch for it.
More information about security vulnerability and its solution
Please visit the following link to read more about vulnerability and also get idea about possible solution to overcome this security vulnerabilty.
Read More : ASP.NET Security Vulnerability
