[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OSCommerce Session Fixation Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: OSCommerce Session Fixation Vulnerability
From: tech107@xxxxxxxxx
Date: Tue, 14 Apr 2009 05:23:55 -0600

Great find!  However depending on the PHP version and proper osC configuration, 
session hijacking will not work.  Credit goes to osC team.

Solution
http://forums.oscommerce.com/index.php?showtopic=333351

Prev by Date: BugCON '09, Mexico: Call For Papers
Next by Date: [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities
Previous by thread: OSCommerce Session Fixation Vulnerability
Next by thread: Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3
Index(es):
- Date
- Thread