Vulnerability Development mailing list archives
Re: Cookies
From: Crispin Cowan <crispin () WIREX COM>
Date: Sun, 6 Aug 2000 14:53:12 -0700
George wrote:
A few friends of mine were discussing the possibility of a custom crafted cookie replacing a valid cookie on a client machine being used to exploit the web server that placed the first cookie on the client. Has anyone looked at the possibility of editing a cookie to search for/exploit buffer overflows in the server side code that reads cookies? If there is any information on this sort of technique I would appreciate a pointer.
This sounds like an interesting variation on the "cross-site scripting" issue announced early this year here http://www.cert.org/advisories/CA-2000-02.html and here http://www.apache.org/info/css-security/index.html . In both cases, you're pretending to be "bigbiz.com" but actually sending data to "badguyz.net". Crispin -- Crispin Cowan, Chief Scientist, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
Current thread:
- Re: Cookies, (continued)
- Re: Cookies Denis Ducamp (Aug 09)
- Re: Cookies Kev (Aug 10)
- Re: Cookies Denis Ducamp (Aug 10)
- Re: Cookies Slawek (Aug 10)
- Re: Cookies Modify (Aug 10)
- Re: Cookies George (Aug 07)
- Re: Cookies Crist Clark (Aug 09)
- Re: Cookies J Edgar Hoover (Aug 12)
- Re: Cookies Ryan Permeh (Aug 09)