Hosting Provided By

Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications

From: Mark Curphey <mark(at)curphey.com>
Date: Wed Dec 18 2002 - 13:33:38 EST

From: "Mitja Kolsek (ACROS Lists)" <lists@acros.si> Date: Wed, 18 Dec 2002 15:01:25 +0100
To: bugtraq@securityfocus.com,vulnwatch@vulnwatch.org,NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Security Paper: Session Fixation Vulnerability in Web-based Applications

ACROS Security is pleased to announce the publication of a security paper about a new class of attacks on web-based applications that we named "session fixation" attacks. The paper is available at

[ http://www.acros.si/papers/session_fixation.pdf ]

and could be useful to all web applications developers and security analysts. We will appreciate any feedback you might provide.

Mitja Kolsek

ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia web: http://www.acros.si
e-mail: mitja.kolsek@acros.si Received on Wed Dec 18 13:47:49 2002

This message: [ Message body ]
Next message: Kevin Spett: "Re: modify non-persistent cookies"
Previous message: Uzi Refaeli: "RE: modify non-persistent cookies"
Next in thread: Sverre H. Huseby: "Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications"
Reply: Sverre H. Huseby: "Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:46 EDT