[thelist] ASP - Variables & Security

Ken Schaefer ken at adOpenStatic.com
Mon Aug 4 00:39:29 CDT 2003

Perhaps you could give a few more details about this "security flaw"
What exactly is "secure" that is able to be exploited via the alleged


From: <burgan at iprimus.com.au>
Subject: [thelist] ASP - Variables & Security

Hello all,

Please consider the following code:

  <% Language=VBScript
     Option Explicit

     Dim strVarOne
     Dim strVarTwo
     strVarOne = "this variable has something assigned to it"

In this code 2 variables are declared, 1 of which is given a value.
I've read somewhere that if some declared variable are not assigned to
something within a page, that is a POSSIBLE security flaw.

Is this correct?? And can someone please explain it some more.

If this is the case, is it possible to UN-declare a variable.


mail2web - Check your email from the web at
http://mail2web.com/ .

* * Please support the community that supports you.  * *

For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !

More information about the thelist mailing list