narutopgm Posted August 24, 2011 Share Posted August 24, 2011 hello nessus report cookie injection. Synopsis: The remote web server is prone to a cookie injection attack. Description The remote host is running a web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to inject arbitrary cookies. Depending on the structure of the web application, it may be possible to launch a 'session fixation' attack using this mechanism. Please note that : - Nessus did not check if the session fixation attack is feasible. - This is not the only vector of session fixation. Solution Contact the vendor for a patch or upgrade. See Also http://en.wikipedia.org/wiki/Session_fixation http://www.owasp.org/index.php/Session_Fixation http://www.acros.si/papers/session_fixation.pdf http://projects.webappsec.org/Session-Fixation Risk Factor: Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N) Plugin Output The request string used to detect this flaw was : <script>document.cookie=%22testkzqg=5603;%22</script> The output was : HTTP/1.1 400 Bad Request Content-Type: text/html; charset=utf-8 Server: Mono-HTTPAPI/1.0 Date: Wed, 24 Aug 2011 15:39:32 GMT Content-Length: 118 Connection: close <h1>Bad Request (Invalid url: http://sd001.**********.eu:8890<script>document.cookie="testkzqg=5603;"</script>)</h1> Plugin Publication Date: 2010/01/25 Plugin Last Modification Date: 2011/03/14 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now