|
|
Subscribe / Log in / New account

Paper: Session Fixation

[Posted December 18, 2002 by corbet]

From:  "Mitja Kolsek (ACROS Lists)" <lists@acros.si>
To:  <bugtraq@securityfocus.com>, <vulnwatch@vulnwatch.org>, <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
Subject:  Security Paper: Session Fixation Vulnerability in Web-based Applications
Date:  Wed, 18 Dec 2002 15:01:25 +0100


ACROS Security is pleased to announce the publication of a security paper
about a new class of attacks on web-based applications that we named
"session fixation" attacks. The paper is available at

	[ http://www.acros.si/papers/session_fixation.pdf ]

and could be useful to all web applications developers and security
analysts. We will appreciate any feedback you might provide.

Mitja Kolsek

ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia
web: http://www.acros.si
e-mail: mitja.kolsek@acros.si

to post comments


Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds