[mod-security-users] does modsecurity block the latest ASP.NET vulnerability?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] does modsecurity block the latest ASP.NET vulnerability?
|
From: Jason H. <Jas...@tr...> - 2010-09-20 20:44:32
|
Hi there As the vulnerability's exploit involves hammering the server with tonnes of webrequests, I was wondering if there could be a way to block it with mod_security? http://www.theregister.co.uk/2010/09/20/asp_dot_net_padding_oracle_fix/ http://www.microsoft.com/technet/security/advisory/2416728.mspx http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 |
