Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: x-posting--was--> ASP.NET cannonicalization issue
From: "Evans, Arian" <Arian.Evans () fishnetsecurity com>
Date: Tue, 12 Oct 2004 10:02:45 -0500

-----Original Message-----
From: Cassidy Macfarlane
Sent: Tuesday, October 12, 2004 6:44 AM

Ive seen this on the lists, cause You've posted it about five times.
Unless you have new information or links regarding this issue, please
refrain from repeat postings - we get enough noise on this list as it

I made one post to BT and one here (FD).

I fully expected the normal BT-mod drop so I got lazy; my fault.

It was a timely post about a very real issue; relevant, and covering
mitigation steps.

Others have followed up with the missing details since then;
good info to be found last week on webappsec list archives:



The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or 
privileged material. 
Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information 
by persons or entities
other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you 
received this communication 
in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network 

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • RE: x-posting--was--> ASP.NET cannonicalization issue Evans, Arian (Oct 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]