WebApp Sec mailing list archives

Re: Cookie poisoning without XSS

From: Kanatoko <anvil () jumperz net>
Date: Wed, 30 Aug 2006 14:57:13 +0900

Can anyone describe a method of cookie
poisoning even without XSS.


Use Cookie Monster Bug.

-- 
Kanatoko<anvil () jumperz net>
Open Source WebAppFirewall
http://guardian.jumperz.net/

Current thread:

Cookie poisoning without XSS Smith Norton (Aug 25)
- Re: Cookie poisoning without XSS Martin Straka (Aug 25)
- Re: Cookie poisoning without XSS Dr HenDre (Aug 25)
- RE: Cookie poisoning without XSS Richard M. Smith (Aug 25)
- RE: Cookie poisoning without XSS Richard M. Smith (Aug 25)
- Re: Cookie poisoning without XSS Kanatoko (Aug 30)
- Re: Cookie poisoning without XSS Matteo Meucci (Sep 06)
- <Possible follow-ups>
- RE: Cookie poisoning without XSS Ory Segal (Aug 25)