[Owasp-dotnet] is windows 2003 vulnerable to the Asp.Net Forms Authentication Vulnerability?
Dinis Cruz
dinis at ddplus.net
Wed Oct 6 01:27:46 EDT 2004
Acording to http://www.microsoft.com/security/incident/aspnet.mspx
"...This issue affects Web content owners who are running any version of
ASP.NET on Microsoft Windows 2000, Windows 2000 Server, Windows XP
Professional, and Windows Server 2003..."
So far I was under the impression that this didn't affect Windows 2003?
Unless they are saying that this affects windows 2003 if IIS 6.0 and
http.sys are not used to host the Asp.Net Application?
Any thoughts?
Dinis Cruz
.Net Security Consultant
DDPlus
More information about the Owasp-dotnet
mailing list