Jump to content
Kwelwild

Apache Httponly Cookie Disclosure (Cve: 2012-0053)

By Kwelwild, in Tutoriale video

Recommended Posts

Kwelwild Newbie

Kwelwild

Posted
Posted



Description: In this video you will learn how to exploit apache Cookie Disclosure vulnerability (CVE: 2012-0053).

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

Source : - National Vulnerability Database (NVD) National Vulnerability Database (CVE-2012-0053)

Sursa: Apache Httponly Cookie Disclosure (Cve: 2012-0053)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...