Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)

Description

mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.

Remediation

References

Related Vulnerabilities

WordPress Plugin Form for WordPress-Zoho Forms Cross-Site Scripting (3.0)

WordPress Plugin Custom Login Redirect Cross-Site Request Forgery (1.0.0)

WordPress Plugin Custom Scrollbar Designer Cross-Site Scripting (1.0)

MySQL CVE-2013-1512 Vulnerability (CVE-2013-1512)

Joomla Improper Input Validation Vulnerability (CVE-2015-8564)

Severity

Low

Classification

CVE-2001-1534 CWE-384

Tags

Missing Update Known Vulnerabilities