WebApp Sec mailing list archives
RE: Cookie poisoning without XSS
From: "Ory Segal" <osegal () watchfire com>
Date: Fri, 25 Aug 2006 20:08:06 +0300
Hi, The term "Cookie Poisoning" usually refers to the act of manipulating cookie values (in one's own HTTP session) in order to perform illegal actions (e.g. SQL Injection, Session Hijacking, etc.), in web applications that rely on cookie values, but do not properly validate these values. You can find a whitepaper on this subject in our web site: https://www.watchfire.com/securearea/whitepapers.aspx?id=18 In addition, the following link presents additional information on Cookie Poisoning: http://www.imperva.com/application_defense_center/glossary/cookie_poison ing.html XSS attacks may enable a malicious user to steal cookies from other users, as well as perform many other things through the injection of malicious client-side scripts (e.g. JavaScript, VBScript, etc.) Hope this helps, -Ory Segal -----Original Message----- From: Smith Norton [mailto:smith.norton () gmail com] Sent: Friday, August 25, 2006 5:17 PM To: webappsec () securityfocus com Subject: Cookie poisoning without XSS I was reading about cookie poisoning. I want to know if there is any way we can poision cookies if XSS vulnerability is not possible. As far as I know, only in the presence of an XSS vulnerability, cookies can be modified. Can anyone describe a method of cookie poisoning even without XSS. Small code snippets would be very helpful to me. Smith ------------------------------------------------------------------------ - Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download a Free Trial of AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnG ------------------------------------------------------------------------ -- ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download a Free Trial of AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnG --------------------------------------------------------------------------
Current thread:
- Cookie poisoning without XSS Smith Norton (Aug 25)
- Re: Cookie poisoning without XSS Martin Straka (Aug 25)
- Re: Cookie poisoning without XSS Dr HenDre (Aug 25)
- RE: Cookie poisoning without XSS Richard M. Smith (Aug 25)
- RE: Cookie poisoning without XSS Richard M. Smith (Aug 25)
- Re: Cookie poisoning without XSS Kanatoko (Aug 30)
- Re: Cookie poisoning without XSS Matteo Meucci (Sep 06)
- <Possible follow-ups>
- RE: Cookie poisoning without XSS Ory Segal (Aug 25)