[Owasp-o2-platform] [Owasp-dotnet] ASP.NET POET Vulnerability

dinis cruz dinis.cruz at owasp.org
Tue Sep 21 21:33:30 EDT 2010


Alessio

Please add as much info about this to the OWASP page as possible.

The only place were I would draw the line is any personal opinions. So for
example it would be great if the OWASP page (or pages) had the
objective/analitical analysis of the issue and your blog had your personal
take on the problem.

We should also try to have as many example of this vulnerability in action,
with the only caveat that we should not be posting 0-days on the OWASP
website (once there is a patch, then it is ok)

Dinis Cruz


On 21 September 2010 11:29, <alessio.marziali at cyphersec.com> wrote:

> All,
>
> In addition to the links I've sent out yesterday; This is another
> interesting reading on the Padding Oracle Crypto Attack (POET).
>
>
> http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310
>
> I've started creating a very long post for my blog last night then I
> thought I could just post it directly on the OWASP.NET wiki.
>
> Let me know. I could get this done in a couple of days.
>
> Cheers,
> Alessio
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20100922/e6b87ac2/attachment.html 


More information about the Owasp-o2-platform mailing list