This repository has been archived by the owner on Jul 22, 2020. It is now read-only.

Session Fixation #486

Open
AnusyaAngamuthu opened this issue May 30, 2018 · 1 comment

@AnusyaAngamuthu

Clipper CMS 1.3.3 is vulnerable to a session fixation attack.

1. The Session Fixation attack fixes an established session on the victim's browser, so the attack starts before the user logs in.
2. Session Fixation is an attack that permits an attacker to hijack a valid user session. The attack explores a limitation in the way the web application manages the session ID, more specifically the vulnerable web application.
3. When authenticating a user, it doesn’t assign a new session ID, making it possible to use an existent session ID.
4. The attack consists of obtaining a valid session ID (e.g. by connecting to the application), inducing a user to authenticate himself with that session ID, and then hijacking the user-validated session by the knowledge of the used session ID. The attacker has to provide a legitimate Web application session ID and try to make the victim's browser use it.

Let's see the session values before login:

[Screenshot: session before login]
[Screenshot: session before login 2]

Session values after login:

[Screenshot: session after login 1]
[Screenshot: session after login 2]

Mitigation:

1. The session ID must be renewed after authentication (i.e. the session must be different before authentication and after authentication).
2. The application should not accept a user-supplied cookie value (i.e. session value).
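
The two mitigations above, sketched for a PHP application that uses PHP's native session handling (Clipper CMS is written in PHP). This is an added example, not part of the original issue and not Clipper CMS code; the function names, user ID and password are hypothetical, the stored hash is constructed inline, and HTTPS is assumed.

```php
<?php
declare(strict_types=1);

function start_hardened_session(): void
{
    // Mitigation 2: with strict mode on, a session ID the server never
    // issued is discarded and replaced instead of being adopted.
    ini_set('session.use_strict_mode', '1');
    // Take the ID from the cookie only, never from a URL parameter.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,   // assumption: site is served over HTTPS
        'samesite' => 'Lax',
    ]);
    session_start();
}

function handle_login(int $userId, string $password, string $storedHash): bool
{
    if (!password_verify($password, $storedHash)) {
        return false;             // failed login: session stays anonymous
    }
    // Mitigation 1: issue a new ID at the moment of authentication and
    // delete the old session data, so a pre-login ID is worthless afterwards.
    session_regenerate_id(true);
    $_SESSION = [];               // do not carry pre-login state forward
    $_SESSION['user_id'] = $userId;
    $_SESSION['authenticated_at'] = time();
    return true;
}

// Constructed sample data for a stand-alone run (php example.php).
$storedHash = password_hash('example-password', PASSWORD_DEFAULT);

start_hardened_session();
$idBeforeLogin = session_id();
$ok = handle_login(42, 'example-password', $storedHash);
$idAfterLogin = session_id();

printf("login ok: %s\n", $ok ? 'yes' : 'no');
printf("session ID changed at login: %s\n",
    $idBeforeLogin !== $idAfterLogin ? 'yes' : 'no');
```

Comparing the session cookie before and after a successful login, as the screenshots above do, is also the check to run when verifying a fix: the two values must differ.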

@fgeek

fgeek commented Nov 12, 2018

CVE-2018-11571 has been assigned for this vulnerability.
