Cybertrion Systems

[2/5] Aipo / Aipo ASP Session Fixation Vulnerability

September 28th, 2007 by

A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious people to conduct session fixation attacks.

The vulnerability is caused due to an error in the handling of sessions and can be exploited to hijack a user’s session by tricking the user into logging in after following a specially crafted link.

The vulnerability is reported in version 3.0.1.0. Other versions may also be affected.

Solution:
Update to version 3.2.0.4.
http://aipo.aimluck.com/download/update.html

Provided and/or discovered by:
JVN credits Ishikawa Hiroshi

Original Advisory:
http://jvn.jp/jp/JVN%2370075625/index.html
http://aipo.aimluck.com/download/update.html

Original post by kapil
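
The advisory does not show Aipo's session handling, so the following is an added, generic illustration of the session fixation flaw class and its usual mitigation (issuing a fresh session ID at login). It is not Aipo's code or the vendor's fix; `SessionStore`, `login_fixable`, `login_hardened` and the user name are hypothetical.

```python
import secrets


class SessionStore:
    """In-memory session table, constructed for this example."""

    def __init__(self):
        self._sessions = {}

    def create(self):
        sid = secrets.token_urlsafe(32)  # server-generated, unpredictable ID
        self._sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def destroy(self, sid):
        self._sessions.pop(sid, None)


def login_fixable(store, sid, user):
    """Flawed pattern: authenticate into whatever session ID the request carried."""
    if store.get(sid) is None:
        sid = store.create()
    store.get(sid)["user"] = user
    return sid


def login_hardened(store, sid, user):
    """Mitigation: discard the pre-login session and issue a fresh ID at login."""
    store.destroy(sid)
    new_sid = store.create()
    store.get(new_sid)["user"] = user
    return new_sid


def prelogin_id_is_authenticated(login):
    """Regression check: does an ID that existed before login gain the user's identity?"""
    store = SessionStore()
    known_sid = store.create()        # ID that a third party knew before login
    login(store, known_sid, "alice")  # user logs in while carrying that ID
    session = store.get(known_sid)
    return session is not None and session["user"] == "alice"


if __name__ == "__main__":
    print("fixable :", prelogin_id_is_authenticated(login_fixable))
    print("hardened:", prelogin_id_is_authenticated(login_hardened))
```

A check like `prelogin_id_is_authenticated` can be kept as a regression test against the real login handler to confirm that the pre-login ID is dead after authentication.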
