[Mono-dev] Mono and ASP.NET Security Vulnerability

Sebastien Pouliot sebastien.pouliot at gmail.com
Sun Sep 19 20:47:27 EDT 2010

On Sun, 2010-09-19 at 11:47 +0200, Tomi wrote:
> Hi folks,
> is mono also affected by this security vulnerability? (ScottGu: "This
> vulnerability is in our ASP.NET implementation (and will be fixed in a
> patch).  I'm not sure if Mono has the same bug.")
> http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx

A quick answer is that we do not have yet enough details. If Mono is
vulnerable to the same (or similar) vulnerability then I'll update
http://www.mono-project.com/Vulnerabilities accordingly.

In any case the current workaround proposed by Microsoft is good advice
(since it can stop similar vulnerabilities). Personally I suggest you to
use this on both Mono or MS ASP.NET applications.


More information about the Mono-devel-list mailing list