Session Attacks and ASP.NET - Part 1
Sans has published part 1 of an article discussing Session Fixation attacks against .NET applications.
"I’ve spent some time recently looking for updated information regarding session attacks as they apply to ASP.NET and am still not completely satisfied with how Microsoft has decided to implement session management in ASP.NET 2.0+ (haven’t looked at 4.0 beta yet)."
Link: https://blogs.sans.org/appsecstreetfighter/2009/06/16/session-attacks-and-aspnet-part-1/
Comments
You can follow this conversation by subscribing to the comment feed for this post.
All Comments are Moderated and will be delayed!
Post a comment