Cookie Holes Expose Browsers


Security researcher Michal Zalewski has identified an issue related to the manner in which most Web browsers process so called cookies that he contends may leave many Web sites open to malicious attacks.

Zalewski, best known as the author of security tome "Silence on the Wire," has labeled his discovery "cross-site cooking" and claims that the problem is based on some of the primary design elements used to create and employ HTTP cookies. Cookie Holes Expose Browsers

Linked by shanmuga Wednesday, 1st February 2006 6:55AM