[prev in list] [next in list] [prev in thread] [next in thread]
List: webappsec
Subject: Re: post to bugtraq about "session fixation"
From: H D Moore <sflist () digitaloffense ! net>
Date: 2002-12-20 19:22:29
[Download RAW message or body]
ASP.NET has a similar problem:
http://www.digitaloffense.net/confs/core02/slides/slide14.html
-HD
On Friday 20 December 2002 10:00, Cesar wrote:
> You are right. It is an interesting and well written
> paper.
> But there is a wrong statement in paper, Microsoft
> Internet Information Server is NOT "Strict", is a kind
> of "Permissive" it will accept some proposed cookie
> SessionID and i will create a new session.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic