|
Vulnerability Development
mailing list archives
Re: Cookies
From: Crispin Cowan <crispin () WIREX COM>
Date: Sun, 6 Aug 2000 14:53:12 -0700
George wrote:
A few friends of mine were discussing the possibility of a custom crafted
cookie replacing a valid cookie on a client machine being used to exploit
the web server that placed the first cookie on the client.
Has anyone looked at the possibility of editing a cookie to search
for/exploit buffer overflows in the server side code that reads cookies? If
there is any information on this sort of technique I would appreciate a
pointer.
This sounds like an interesting variation on the "cross-site scripting" issue
announced early this year here http://www.cert.org/advisories/CA-2000-02.html
and here http://www.apache.org/info/css-security/index.html . In both cases,
you're pretending to be "bigbiz.com" but actually sending data to
"badguyz.net".
Crispin
--
Crispin Cowan, Chief Scientist, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution: http://immunix.org
 By Date 
By Thread
Current thread:
- Re: Cookies, (continued)
- Re: Cookies Crispin Cowan (Aug 07)
- Re: Cookies netsec [davidv] (Aug 08)
| 
Intro
