Communardo Software GmbH, Kleiststraße 10 a, D-01129 Dresden
+49 (0) 351/850 33-0

ASP.NET security update against #hashDoS attacks

In a presentation („Efficient Denial of Service Attacks on Web Application Platforms“, Dec 28th 2011, PDF) at 28th Chaos Communication Congress in Berlin (#28c3) there have been published details on how to perform so called „hash collision attacks“ on webservers.

This does not only affect Microsoft technology (ASP.NET), but also Java, Python, Ruby, PHP, v8/node.js, …

Microsoft has already reacted and will release an out-of-band security update today.

For more details see:

Kommentar hinterlassen

Pin It on Pinterest