exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Apache protocol.c Cookie Disclosure https://packetstormsecurity.com/files/109284/httponly-disclose.txt https://packetstormsecurity.com/files/109284/httponly-disclose.txt https://packetstormsecurity.com/files/109284/Apache-protocol.c-Cookie-Disclosure.html Tue, 31 Jan 2012 11:11:11 GMT Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close