Security Paper: Session Fixation Vulnerability in Web-based Applications
From: Mitja Kolsek (ACROS Lists) (lists@ACROS.SI)
Date: 12/18/02
- Previous message: Russ: "Alert: Microsoft Security Bulletin - MS02-072"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 18 Dec 2002 15:01:25 +0100 From: "Mitja Kolsek (ACROS Lists)" <lists@ACROS.SI> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
ACROS Security is pleased to announce the publication of a security paper
about a new class of attacks on web-based applications that we named
"session fixation" attacks. The paper is available at
[ http://www.acros.si/papers/session_fixation.pdf ]
and could be useful to all web applications developers and security
analysts. We will appreciate any feedback you might provide.
Mitja Kolsek
ACROS, d.o.o.
Stantetova 4, SI - 2000 Maribor, Slovenia
web: http://www.acros.si
e-mail: mitja.kolsek@acros.si
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by TruSecure Corporation
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Demonstrate your knowledge and understanding of core IT Security, become
TICSA certified.
Are you responsible for IT security in job function, but not necessarily
in title? Do you want to prove your IT security knowledge and increase
opportunities? Interested? Visit;
http://www.trusecure.com/solutions/certifications/ticsa/
for more information.
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Next message: Steve Midgley: "Re: Session Fixation Vulnerability in Web-based Applications"
- Previous message: Russ: "Alert: Microsoft Security Bulletin - MS02-072"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
