Vulnwatch mailing list archives

Security Paper: Session Fixation Vulnerability in Web-based Applications


From: "Mitja Kolsek \(ACROS Lists\)" <lists () acros si>
Date: Wed, 18 Dec 2002 15:01:25 +0100


ACROS Security is pleased to announce the publication of a security paper
about a new class of attacks on web-based applications that we named
"session fixation" attacks. The paper is available at

        [ http://www.acros.si/papers/session_fixation.pdf ]

and could be useful to all web applications developers and security
analysts. We will appreciate any feedback you might provide.

Mitja Kolsek

ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia
web: http://www.acros.si
e-mail: mitja.kolsek () acros si


Current thread: