Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our specialty !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Session Fixation Vulnerability in Web-based Applications

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
digital8
Second Lieutenant


Joined: 29 Sep 2005
Posts: 1002

PostPosted: Thu Sep 29, 2005 4:10 pm    Post subject: Session Fixation Vulnerability in Web-based Applications Reply with quote
Many web-based applications employ some kind of session management to create a user-friendly environment. Sessions are stored on server and associated with respective users by session identifiers (IDs). To prevent attackers hijacking users' identities by obtaining session IDs, web servers are employing techniques for protecting session IDs from three classes of attacks: interception, prediction and brute-force attacks. This paper reveals a fourth class of attacks against session IDs: session fixation attacks.

Click Here to download this white paper
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group