[28242] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Security Paper: Session Fixation Vulnerability in Web-based Applications

daemon@ATHENA.MIT.EDU (Mitja Kolsek (ACROS Lists))
Wed Dec 18 12:19:42 2002

From: "Mitja Kolsek (ACROS Lists)" <lists@acros.si>
To: <bugtraq@securityfocus.com>, <vulnwatch@vulnwatch.org>,
        <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
Date: Wed, 18 Dec 2002 15:01:25 +0100
Message-ID: <NABBLAHLHODKHFAEMBNGIECHHDAA.lists@acros.si>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-2"
Content-Transfer-Encoding: 7bit

ACROS Security is pleased to announce the publication of a security paper
about a new class of attacks on web-based applications that we named
"session fixation" attacks. The paper is available at

	[ http://www.acros.si/papers/session_fixation.pdf ]

and could be useful to all web applications developers and security
analysts. We will appreciate any feedback you might provide.

Mitja Kolsek

ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia
web: http://www.acros.si
e-mail: mitja.kolsek@acros.si


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28242] in bugtraq

Security Paper: Session Fixation Vulnerability in Web-based Applications

daemon@ATHENA.MIT.EDU (Mitja Kolsek (ACROS Lists))Wed Dec 18 12:19:42 2002

daemon@ATHENA.MIT.EDU (Mitja Kolsek (ACROS Lists))
Wed Dec 18 12:19:42 2002