Web Server Generic Cookie Injection

medium Nessus Plugin ID 44135

Synopsis

The remote web server is prone to a cookie injection attack.

Description

The remote host is running a web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to inject arbitrary cookies. Depending on the structure of the web application, it may be possible to launch a 'session fixation' attack using this mechanism.

Please note that :

- Nessus did not check if the session fixation attack is feasible.

- This is not the only vector of session fixation.

Solution

Contact the vendor for a patch or upgrade.

See Also

https://en.wikipedia.org/wiki/Session_fixation

https://www.owasp.org/index.php/Session_Fixation

http://www.acros.si/papers/session_fixation.pdf

http://projects.webappsec.org/w/page/13246960/Session%20Fixation

Plugin Details

Severity: Medium

ID: 44135

File Name: cookie_manipulation.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 1/25/2010

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus