If the above link is broken please click on the [Report!]button. You may also enter you email address so we can come back to you with the correct URL.
Microsoft IIS 5.0 Session ID Cookie Marking Vulnerability Patch vQ274149 Description: eliminates a security vulnerability in Microsoft Internet Information Server which could allow a malicious user to steal a user's secure Web session under a very restricted set of circumstances. Internet Information Server (IIS) supports the use of a session ID cookie to track the current session identifier for a Web session. However, ASP pages in IIS do not support the creation of secure session ID cookies as defined in RFC 2109. As a result, secure and non-secure pages on the same Web site use the same session ID.
If a user initiates a session with a secure Web page, a session ID cookie is generated and sent to the user, protected by SSL (Secure Sockets Layer). But if the user subsequently visits a non-secure page on the same site, the same session ID cookie is exchanged, but this time in plain text.
Any malicious user who has complete control over the communications channel, could access the plain text session ID cookie and use it to connect to the user’s session with the secure page and take any action on the secure page that is available to the user.
The conditions under which this vulnerability could be exploited are rather daunting. The malicious user would need to have complete control over the other user’s communications with the Web site. Even then, the malicious user could not make the initial connection to the secure page.
The patch eliminates the vulnerability by adding support for secure session ID cookies in ASP pages.
Hollywood FX is library of over 100 customizable 3D transitions and effects for video, film, publishing, Internet, and multimedia.
Demo
TeVeo Live allows you to stream 20 frames per second of live content from any USB (Universl Serial Bus) Web camera.
Freeware
Microsoft GIF Animator lets you easily create and customize animated GIF files for your Web site.
Freeware
Password Protection Java Applet is a Java applet which can be used to implement a password protection scheme for a Web site.
Freeware
PDFill Form Filler Try PDFill Form Filler and Get the PDF Writer and PDF Tools for free!
Shareware
WebCam32 allows live video camera images to be automatically updated and displayed on a Web page.
Shareware
Proxy Scanner Server Proxy Scanner Server is the software that helps to find and check proxies.
Shareware
FotoFix FotoFix is a program that can generate a complete photo album for your website or to be used offline.
Freeware
Microsoft VBScript Documentation lets you install local copies of the current Visual Basic Script Language Reference and Tutorial.
Freeware
Retrieve PDF Especially designed for the recovery of content from PDF files that have been locked, either where you have forgotten the user password, and so cannot even open the file to read it, or if you have just forgotten the owner password, and so cannot edit, copy, or print the file.
Demo
Ulead PhotoImpact PhotoImpact 8 delivers total image editing for the PC. Easily manage and enhance digital photos, create stunning graphics and produce high-impact Web pages for recreational or professional use.
30-day Trial
Vecta3D Standalone allows you to create amazing 3D images and animations for Macromedia Flash and other popular vector formats.
