Logo des Repositoriums
 

Session fixation – the forgotten vulnerability?

dc.contributor.authorSchrank, Michael
dc.contributor.authorBraun, Bastian
dc.contributor.authorJohns, Martin
dc.contributor.authorPosegga, Joachim
dc.contributor.editorFreiling, Felix C.
dc.date.accessioned2019-01-17T13:26:54Z
dc.date.available2019-01-17T13:26:54Z
dc.date.issued2010
dc.description.abstractThe term 'Session Fixation vulnerability' subsumes issues in Web applications that under certain circumstances enable the adversary to perform a session hijacking attack through controlling the victim's session identifier value. We explore this vulnerability pattern. First, we give an analysis of the root causes and document existing attack vectors. Then we take steps to assess the current attack surface of Session Fixation. Finally, we present a transparent server-side method for mitigating vulnerabilities.en
dc.identifier.isbn978-3-88579-264-2
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/19794
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-170
dc.titleSession fixation – the forgotten vulnerability?en
dc.typeText/Conference Paper
gi.citation.endPage352
gi.citation.publisherPlaceBonn
gi.citation.startPage341
gi.conference.date5.-7. Oktober 2010
gi.conference.locationBerlin
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
341.pdf
Größe:
163.8 KB
Format:
Adobe Portable Document Format