Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: Custom session tokens and XSS

From: Cyrill Osterwalder <cyrill.osterwalder(at)seclutions.com>
Date: Wed Aug 13 2003 - 09:45:21 EDT

I completely agree with Ingo. This kind of attack is a special case of the general session fixation attack.

Cyrill

Cyrill Osterwalder
Chief Technology Officer

Seclutions AG Phone +41 1 366 88 00 Ottikerstrasse 59
CH-8006 Zuerich

PGPKey ID :0xC70E7ACB
PGPKey FP :5C84E132BBD50AB1627BF873D3B6CAF4C70E7ACB
PGPKey URL:ldap://certserver.pgp.com
PGPKey URL:
http://pgpkeys.mit.edu:11371

http://www.seclutions.com

--On Mittwoch, 13. August 2003 14:45 +0200 Ingo Struck <ingo@ingostruck.de> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
Received on Wed Aug 13 10:01:25 2003

This message: [ Message body ]
Next message: PortSwigger: "Re: Custom session tokens and XSS"
Previous message: Stephen de Vries: "Re: Custom session tokens and XSS"
In reply to Ingo Struck: "Re: Custom session tokens and XSS"
Next in thread: PortSwigger: "Re: Custom session tokens and XSS"
Reply: PortSwigger: "Re: Custom session tokens and XSS"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:54 EDT

Do you need help?

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library