Origins
Session poisoning was first discussed as a (potentially new) vulnerability class in Full disclosure mailinglist. Alla Bezroutchko inquired if "Session data pollution vulnerabilities in web applications" was a new problem in January 2006. However, this was an old vulnerability previously noted by others: "this is a classic state management issue" - Yvan Boily; "This is not new" - /someone.
Earlier examples of these vulnerabilities can be found in major security resources/archives such as Bugtraq, e.g.
- July 2001 Serious security hole in Mambo Site Server version 3.0.X by Ismael Peinado Palomo of reverseonline.com
- September 2005 PHP Session modification by unknow (from uw-team) and adam_i
Session pollution has also been covered in some articles, such as PHP Session Security, Przemek Sobstel, 2007 (accessed September 22, 2007).
Read more about this topic: Session Poisoning
Famous quotes containing the word origins:
“Lucretius
Sings his great theory of natural origins and of wise conduct; Plato
smiling carves dreams, bright cells
Of incorruptible wax to hive the Greek honey.”
—Robinson Jeffers (1887–1962)
“The settlement of America had its origins in the unsettlement of Europe. America came into existence when the European was already so distant from the ancient ideas and ways of his birthplace that the whole span of the Atlantic did not widen the gulf.”
—Lewis Mumford (1895–1990)
“The origins of clothing are not practical. They are mystical and erotic. The primitive man in the wolf-pelt was not keeping dry; he was saying: “Look what I killed. Aren’t I the best?””
—Katharine Hamnett (b. 1948)