WebApp Sec mailing list archives

Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications


From: Mark Curphey <mark () curphey com>
Date: Wed, 18 Dec 2002 13:33:38 -0500 (EST)

----------
From: "Mitja Kolsek (ACROS Lists)" <lists () acros si>
Date: Wed, 18 Dec 2002 15:01:25 +0100
To: bugtraq () securityfocus com,vulnwatch () vulnwatch org,NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
Subject: Security Paper: Session Fixation Vulnerability in Web-based Applications


ACROS Security is pleased to announce the publication of a security paper
about a new class of attacks on web-based applications that we named
"session fixation" attacks. The paper is available at

        [ http://www.acros.si/papers/session_fixation.pdf ]

and could be useful to all web application developers and security
analysts. We will appreciate any feedback you might provide.

Mitja Kolsek

ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia
web: http://www.acros.si
e-mail: mitja.kolsek () acros si


