[thelist] ASP - Variables & Security
Ken Schaefer
ken at adOpenStatic.com
Mon Aug 4 00:39:29 CDT 2003
Perhaps you could give a few more details about this "security flaw"
What exactly is "secure" that is able to be exploited via the alleged
"flaw"?
Cheers
Ken
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: <burgan at iprimus.com.au>
Subject: [thelist] ASP - Variables & Security
Hello all,
Please consider the following code:
<% Language=VBScript
Option Explicit
Dim strVarOne
Dim strVarTwo
strVarOne = "this variable has something assigned to it"
%>
<html>
<head>
<title></title>
</head>
<body>
<%=strVarOne%>
</body>
</html>
In this code 2 variables are declared, 1 of which is given a value.
I've read somewhere that if some declared variable are not assigned to
something within a page, that is a POSSIBLE security flaw.
Is this correct?? And can someone please explain it some more.
If this is the case, is it possible to UN-declare a variable.
Thanks
Tim
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
--
* * Please support the community that supports you. * *
http://evolt.org/help_support_evolt/
For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !
More information about the thelist
mailing list