CGI Generic Cookie Injection Scripting

Medium Nessus Plugin ID 44136

Synopsis

The remote web server is prone to cookie injection attacks.

Description

The remote web server hosts at least one CGI script that fails to adequately sanitize request strings with malicious JavaScript.

By leveraging this issue, an attacker may be able to inject arbitrary cookies. Depending on the structure of the web application, it may be possible to launch a 'session fixation' attack using this mechanism.

Please note that :

- Nessus did not check if the session fixation attack is feasible.

- This is not the only vector of session fixation.

Solution

Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.

See Also

https://en.wikipedia.org/wiki/Session_fixation

https://www.owasp.org/index.php/Session_Fixation

http://www.acros.si/papers/session_fixation.pdf

http://projects.webappsec.org/w/page/13246960/Session%20Fixation

Plugin Details

Severity: Medium

ID: 44136

File Name: torture_cgi_cookie_manip.nasl

Version: 1.17

Type: remote

Family: CGI abuses

Published: 2010/01/25

Updated: 2018/11/15

Dependencies: 49067, 10107, 39471, 44135, 67257, 56244

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: Settings/enable_web_app_tests

Reference Information

CWE: 472, 642, 715, 722