About: Session poisoning

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: Session poisoning Goto Sponge NotDistinct Permalink

An Entity of Type : yago:YagoPermanentlyLocatedEntity, within Data Space : dbpedia.org associated with source document(s)
QRcode icon

http://dbpedia.org/describe/?url=http%3A%2F%2Fdbpedia.org%2Fresource%2FSession_poisoning

Session poisoning (also referred to as "session data pollution" and "session modification") is a method to exploit insufficient input validation within a server application. Typically a server application that is vulnerable to this type of exploit will copy user input into session variables. The underlying vulnerability is a state management problem: shared state, race condition, ambiguity in use or plain unprotected modifications of state values.

Attributes	Values
rdf:type	software yago:WikicatComputerSecurityExploits yago:WikicatWebSecurityExploits yago:Abstraction100002137 yago:Accomplishment100035189 yago:Act100030358 yago:Action100037396 yago:Event100029378 yago:Feat100036762 yago:PsychologicalFeature100023100 yago:YagoPermanentlyLocatedEntity
rdfs:label	Session poisoning (en)
rdfs:comment	Session poisoning (also referred to as "session data pollution" and "session modification") is a method to exploit insufficient input validation within a server application. Typically a server application that is vulnerable to this type of exploit will copy user input into session variables. The underlying vulnerability is a state management problem: shared state, race condition, ambiguity in use or plain unprotected modifications of state values. (en)
dcterms:subject	Web security exploits
Wikipage page ID	3752959 (xsd:integer)
Wikipage revision ID	956142341 (xsd:integer)
Link from a Wikipage to another Wikipage	Full disclosure (mailing list) PHP Session fixation Web security exploits Bugtraq Session (computer science) Exploit (computer security) Race hazard
sameAs	Session poisoning Session poisoning Session poisoning Session poisoning
dbp:wikiPageUsesTemplate	dbt:Reflist
has abstract	Session poisoning (also referred to as "session data pollution" and "session modification") is a method to exploit insufficient input validation within a server application. Typically a server application that is vulnerable to this type of exploit will copy user input into session variables. The underlying vulnerability is a state management problem: shared state, race condition, ambiguity in use or plain unprotected modifications of state values. Session poisoning has been demonstrated in server environments where different, non-malicious applications (scripts) share the same session states but where usage differ, causing ambiguity and race conditions. Session poisoning has been demonstrated in scenarios where attacker is able to introduce malicious scripts into the server environment, which is possible if attacker and victim share a web host. (en)
gold:hypernym	Method
prov:wasDerivedFrom	wikipedia-en:Session_poisoning?oldid=956142341&ns=0
page length (characters) of wiki page	6785 (xsd:nonNegativeInteger)
foaf:isPrimaryTopicOf	wikipedia-en:Session_poisoning
is Link from a Wikipage to another Wikipage of	Session fixation Session (computer science) Session data pollution Session modification
is Wikipage redirect of	Session data pollution Session modification
is foaf:primaryTopic of	wikipedia-en:Session_poisoning

Faceted Search & Find service v1.17_git139 as of Feb 29 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 08.03.3330 as of Mar 19 2024, on Linux (x86_64-generic-linux-glibc212), Single-Server Edition (62 GB total memory, 45 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software