On Tue, Mar 14, 2006 at 07:32:16PM +0100, Hans Wolters wrote:
>
> Once you visit a site where Invision Board is used the first click on
> the Log In link points the visitor to a link with the session id in it:
>
> index.php?s=<session_id>&act=Login&CODE=00
>
> If you copy this session id, login and start a different browser (not
> a new instance) then you only need to copy the session id url into
> the different browser to login without giving the password and login
> name.
so you're saying that you can hijack a user's session if you have access
to his session id? Well, that's not a vulnerability, that's how HTTP
sessions work.
On Tue, Mar 14, 2006 at 07:32:16PM +0100, Hans Wolters wrote:
>
> Once you visit a site where Invision Board is used the first click on
> the Log In link points the visitor to a link with the session id in it:
>
> index.php?s=<session_id>&act=Login&CODE=00
>
> If you copy this session id, login and start a different browser (not
> a new instance) then you only need to copy the session id url into
> the different browser to login without giving the password and login
> name.
so you're saying that you can hijack a user's session if you have access
to his session id? Well, that's not a vulnerability, that's how HTTP
sessions work.
Bye,
Peter
--
Peter Conrad Tel: +49 6102 / 80 99 072
[ t]ivano Software GmbH Fax: +49 6102 / 80 99 071
Bahnhofstr. 18 http://www.tivano.de/
63263 Neu-Isenburg
Germany
[ reply ]