This blog is a repository of my experiences and knowledge in SharePoint Development and Management.
Monday, September 27, 2010
Sunday, September 26, 2010
Install and Enable IIS URLScan with a Custom Rule to avoid ASP.NET Vulnerability
ScottGu's link
If you do not already have the IIS URLScan module installed on your IIS web server, please download and install it:
It takes less than a minute to install on your server.
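As an added example (not from this post, and not copied from ScottGu's page, which is only linked above), this is the shape of a UrlScan 3.1 custom rule that implements the workaround the title refers to. It goes in UrlScan.ini (by default under %windir%\system32\inetsrv\urlscan). The rule name AspNetOracle and the section name Deny AspNetOracle Strings are labels chosen here and can be anything, as long as they match each other; the string it denies, aspxerrorpath, is the query-string parameter ASP.NET appends when customErrors redirects to an error page, which is what the published workaround blocks.

```ini
[Options]
; If RuleList already has entries, append this name after a comma instead of replacing the line
RuleList=AspNetOracle

[AspNetOracle]
; Rule name is assumed here; it must match the RuleList entry above.
; No AppliesTo line, so the rule is checked for every request regardless of extension.
DenyDataSection=Deny AspNetOracle Strings
ScanUrl=1
ScanQueryString=1
ScanAllRaw=0

[Deny AspNetOracle Strings]
; Any request whose URL or query string contains this string is rejected by UrlScan
aspxerrorpath
```

After recycling IIS, UrlScan answers a rejected request with its default 404 and records the rejection in its own log folder next to UrlScan.ini; that log entry, not the browser response, is the check that the rule is active.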
Wednesday, September 22, 2010
Security Advisory 2416728 (Vulnerability in ASP.NET) and SharePoint. Update : Updated 9/21/2010 3:06PM
http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx
This post documents recommended workarounds for the following SharePoint products:
* SharePoint 2010
* SharePoint Foundation 2010
* Windows SharePoint Services 2.0
Workarounds are not necessary for the following products:
* Microsoft Office SharePoint Server 2007
* Windows SharePoint Services 3.0
* SharePoint Portal Server 2003
Tuesday, September 21, 2010
Update: 2007/WSS3 is not vulnerable to the attack. No workaround is needed right now, but you still need to apply the fix when it comes out.
How to validate? Can I type in some non-existing pages to test whether the web.config changes work on SharePoint?
The answer would be no. When you try to access a non-existing page on a SharePoint site with a modified web.config, you will still get 404 codes. But SharePoint has its own custom error handler that generates those 404s for non-existing pages, which cannot be used directly by the attack. The workaround prevents error codes from being generated by accessing certain ASP.NET resources, and it will work if you followed the steps correctly.
Just remember, the ultimate solution is the upcoming ASP.NET fix. This workaround is just temporary, to get you protection before the patch is released. Once it's released, apply the fix and then restore your web.config to the original one.
Jie
Courtesy: Jie Li's GeekWorld blog.
Security Advisory 2416728 (Vulnerability in ASP.NET) and SharePoint.
http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx
Friday, September 10, 2010
Differences in selecting lookup column.
When you create a lookup column in a list (A) and select the Title column of list (B) as the lookup column, you can see two different columns:
1. Title
2. Title (Linked to Edit Item)
Case 1: In AllItems.aspx of list (A), when you display the lookup column, it shows the value with a link to the corresponding list (B) item's DispForm.aspx. That URL will not contain any Source URL. When you click Cancel, it goes to the corresponding list (B). The URL has RootFolder=* at the end.
E.g. http://…/Lists/…/DispForm.aspx?ID=134&RootFolder=*
Case 2: In AllItems.aspx of list (A), when you display the lookup column, it shows the value with a link to the corresponding list (B) item's DispForm.aspx. That URL will contain the Source URL pointing back to list (A). When you click Cancel, it goes back to list (A).
E.g. http://…/DispForm.aspx?ID=134&Source=http://…/AllItems.aspx
To remove the Hyperlinks of Lookup values
Hi,
If you have a lookup column in a list and you want to disable the hyperlink on the lookup values in AllItems.aspx, you can use this code:
_spBodyOnLoadFunctionNames.push("RemoveLookupLinks");
function RemoveLookupLinks()
{
    var oP = document.getElementsByTagName('a'); // the live collection of anchor tags on the page
    var flag = false;
    for (var i = 0; i < oP.length; i++)
    {
        var href = oP[i].getAttribute("href"); // anchors without an href are skipped instead of throwing
        // only lookup-field links carry RootFolder=* in their href
        if (href && href.indexOf("RootFolder=*") != -1)
        {
            var linkvalue = oP[i].innerHTML; // display value of the lookup field
            oP[i].parentNode.innerHTML = linkvalue; // replace the whole anchor tag with its value
            flag = true;
            break; // the live collection has changed, so stop and rescan from the top
        }
    }
    if (flag) RemoveLookupLinks(); // recurse until no lookup link is left
}
It looks for the anchor tags whose href contains RootFolder=* and replaces each such tag with its inner HTML, because only lookup fields have that kind of href.
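The same idea as an added example that is not part of the original post: a version that can be exercised outside SharePoint. stripLookupLinks applies the selection rule to a markup string, which makes it easy to check that only RootFolder=* links are unwrapped while Source= links and ordinary edit links survive; removeLookupLinksDom is the in-page form, which works on the static NodeList from querySelectorAll, so it does not need the restart-on-change recursion of the script above, and it replaces only the anchor node rather than rewriting the whole parent cell. The sample row, list names, item IDs and the RemoveLookupLinksStatic hook name are constructed for this example.

```javascript
// Added example (not from the blog post). Removes the hyperlink from SharePoint lookup
// values: only lookup-field links carry RootFolder=* in their href, so that is the selector.

// Constructed sample of a list-view row: a lookup value (Case 1 style href with RootFolder=*),
// a link carrying a Source= parameter (Case 2 style), and an ordinary edit link.
var SAMPLE_ROW =
  '<td><a href="/Lists/ListB/DispForm.aspx?ID=134&amp;RootFolder=*">Contoso</a></td>' +
  '<td><a href="/Lists/ListB/DispForm.aspx?ID=134&amp;Source=/Lists/ListA/AllItems.aspx">Contoso</a></td>' +
  '<td><a href="/Lists/ListA/EditForm.aspx?ID=7">Edit</a></td>';

// String form: unwrap every <a ...>...</a> whose href contains RootFolder=*, keeping the inner
// markup exactly as the original script does, and leave every other anchor untouched.
function stripLookupLinks(html) {
  return html.replace(/<a\b([^>]*)>([\s\S]*?)<\/a>/gi, function (whole, attrs, inner) {
    var m = /href\s*=\s*"([^"]*)"/i.exec(attrs);
    var href = m ? m[1] : "";           // anchors without an href are simply left as they are
    return href.indexOf("RootFolder=*") !== -1 ? inner : whole;
  });
}

// DOM form for use in the page. querySelectorAll returns a static NodeList, so nodes can be
// replaced while iterating without restarting the scan. Returns the number of links removed.
function removeLookupLinksDom(doc) {
  var anchors = doc.querySelectorAll('a[href*="RootFolder=*"]');
  for (var i = 0; i < anchors.length; i++) {
    var a = anchors[i];
    // Swap only the anchor for a text node; sibling nodes in the cell are left alone.
    a.parentNode.replaceChild(doc.createTextNode(a.textContent), a);
  }
  return anchors.length;
}

// In a SharePoint page, hook the DOM form into the body-onload list like the original script
// (hook name RemoveLookupLinksStatic is chosen here). Outside a browser, run the string form.
if (typeof document !== "undefined" && typeof _spBodyOnLoadFunctionNames !== "undefined") {
  window.RemoveLookupLinksStatic = function () { removeLookupLinksDom(document); };
  _spBodyOnLoadFunctionNames.push("RemoveLookupLinksStatic");
} else if (typeof document === "undefined") {
  console.log(stripLookupLinks(SAMPLE_ROW));
}
```

Because replaceChild touches only the anchor, any other markup SharePoint renders in the same cell (presence indicators, edit menus) is preserved, which the innerHTML rewrite in the original script does not guarantee.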