News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Ruslan Yakushev's Blog:
ASP.NET vulnerability affecting PHP sites on IIS
September 23, 2010 @ 08:50:46

As Ruslan Yakushev points out in this new blog entry, the same security issue that's effecting ASP.NET pages running on IIS web servers can still open up PHP scripts running on the same server.

Microsoft has recently released a Security Advisory about a security vulnerability in ASP.NET. This vulnerability exists in all versions of ASP.NET. The PHP applications running on IIS are also subject to this vulnerability if ASP.NET is enabled in IIS.

The issue allows attackers to access the contents of various files on the server and could allow them to tamper with the data inside. Ruslan notes that, while Microsoft is coming up with a fix, one of the safest things you can do is either completely disable ASP.NET in the IIS server or use this workaround.

3 comments voice your opinion now!
iis vulnerability aspnet disable workaround security


blog comments powered by Disqus

Similar Posts

(IN)Secure Magazine: Issue 1.6 Posted (March 2006)

Derick Rethans' Blog: Distributions: Please Don't Cripple PHP or Red Hat: Stop Fucking Around

SitePoint PHP Blog: Top 7 PHP Security Blunders

Matthew Weier O'Phinney: Deployment with Zend Server (Part 4 of 8)

Zend Developer Zone: OSCON Day 2: Picking Up Steam


Community Events

Don't see your event here?
Let us know!


php7 community unittest example release library interview extension api laravel version conference podcast voicesoftheelephpant introduction language framework laravel5 opinion series

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework