Bookmark and Share

Thursday, September 23, 2010

POET vulnerability on ASP.net.... be fixed!

Some days ago two security researchers Juliano Rizzo and Thai Duong had discovered a new way to gain administrative permission on ASP.NET web servers including DNN using a a bug in the default encryption mechanism used to protect the cookies.

They created a tool (the Padding Oracle Exploit Tool or POET), that can repeatedly modify an ASP.NET Forms Authentication cookie encrypted using AES and, by examining the errors returned, determine the Machine Key used to encrypt the cookie.

The process is claimed to be 100 percent reliable and takes between 30 and 50 minutes for any site.

Here is the link to the youtube demostration :

http://www.youtube.com/watch?v=yghiC_U2RaM

And here is the info to mitigate this vulnerability:

http://www.microsoft.com/technet/security/advisory/2416728.mspx

Update your sites!!!