lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <201105202110.p4KLAmKj009279@www3.securityfocus.com>
Date: Fri, 20 May 2011 15:10:48 -0600
From: jeffto@...effto.com
To: bugtraq@...urityfocus.com
Subject: Session hacking via authentication cookie on Oracle CRM on Demand

# Vulnerability Title: Session hacking via authentication cookie on Oracle CRM on Demand
# Date: 20/05/2011

# Vendor: Oracle
# Product: Oracle CRM on Demand
# Software Link: https://sso.crmondemand.com/

Summary: Oracle CRM on Demand is a web application to
manage Customer information.

Desc: On login process a cookie with parameter JIDSESSION is downloaded by the user browser.
Once you get the cookie using a cookie theft or another cookie capture software or method
and inject in a second browser you can directly access to the web application without give
any user or password. Oracle said this is a problem of the user not related with them.
The application only uses this cookie to validate the user session.
 
Tested with: Greasemonkey cookie injector - Cookies manager+ (Both extensions on Firefox)
 
Vulnerability discovered by: eljeffto

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ