Session poisoning (also referred to as "Session data pollution" and "Session modification") is a method to exploit insufficient input validation within a server application. Typically a server application that is vulnerable to this type of exploit will copy user input into session variables.
The underlying vulnerability is a state management problem: shared state, race condition, ambiguity in use or plain unprotected modifications of state values.
Session poisoning has been demonstrated in server environments where different, non-malicious applications (scripts) share the same session states but where usage differ, causing ambiguity and race conditions.
Session poisoning has been demonstrated in scenarios where attacker is able to introduce malicious scripts into the server environment, which is possible if attacker and victim share a web host.
Famous quotes containing the words session and/or poisoning:
“I need not tell you of the inadequacy of the American shipping marine on the Pacific Coast.... For this reason it seems to me that there is no subject to which Congress can better devote its attention in the coming session than the passage of a bill which shall encourage our merchant marine in such a way as to establish American lines directly between New York and the eastern ports and South American ports, and both our Pacific Coast ports and the Orient and the Philippines.”
—William Howard Taft (1857–1930)
“The most winning woman I ever knew was hanged for poisoning three little children for their insurance-money, and the most repellent man of my acquaintance is a philanthropist who has spent nearly a quarter of a million upon the London poor.”
—Sir Arthur Conan Doyle (1859–1930)