tomcat-users mailing list archives

From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Questions on session hijack bug in 6.0.14 (CVE-2007-5333)
Date Tue, 10 Jun 2008 21:33:17 GMT

Mark,

Mark Thomas wrote:
| This attack requires luring a user who is already logged in to a webapp
| running on a vulnerable Tomcat server to a malicious site. With a
| suitably crafted URL, the attacker is able to steal the authentication
| cookie for the user who was lured to the malicious site. It is the user
| that is lured who is the 'current user'.

Maybe I'm not reading the OP's reference correctly
(http://securitytracker.com/alerts/2007/Aug/1018557.html) but it looks
like the URL provided (in the "exploit") doesn't demonstrate what you
describe.

-chris
