Help Center Live Community
Topic: chatid hijacking
rsd
« on: January 21, 2010, 01:52:48 PM »

This seems to be a potential security issue, but I need to check further.

chatid is the id from the traffic table, which is created in $live->newvisitor().

However, $live->chatid() accepts it from a cookie, if not on session:
Code:
if (isset($_COOKIE['hcl_chatid']) && !isset($_SESSION['hcl_chatid']))
    $_SESSION['hcl_chatid'] = $_COOKIE['hcl_chatid'];

So an attacker can try to guess a chatid from another user.

I am not sure yet to which extension this can be a problem, but I would like to hear from someone who knows better.
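
One way to close the gap described in the post, as an added example that is not part of the original post or Help Center Live's own code: the hcl_chatid cookie carries an HMAC tag, and the id is copied into the session only when the tag verifies. The function names, the key constant and the assumption that chat ids are integers are hypothetical and used for illustration only.

```php
<?php
declare(strict_types=1);

// Hypothetical server-side secret; in a real deployment load it from configuration.
const HCL_COOKIE_KEY = 'constructed-demo-key-not-for-production';

// Value to store in the hcl_chatid cookie: "<id>.<hex HMAC-SHA256 of id>".
function hcl_sign_chatid(int $chatid, string $key): string
{
    return $chatid . '.' . hash_hmac('sha256', (string) $chatid, $key);
}

// Restore the chat id into the session only if the cookie carries a valid tag.
// Returns the accepted id, or null when the cookie is absent, malformed or forged.
function hcl_restore_chatid(array $cookie, array &$session, string $key): ?int
{
    if (isset($session['hcl_chatid'])) {
        return (int) $session['hcl_chatid'];      // server-side state wins
    }
    $raw = $cookie['hcl_chatid'] ?? null;
    if (!is_string($raw) || !preg_match('/^(\d{1,18})\.([0-9a-f]{64})$/', $raw, $m)) {
        return null;                               // bare or malformed id: ignore it
    }
    $expected = hash_hmac('sha256', $m[1], $key);
    if (!hash_equals($expected, $m[2])) {          // constant-time comparison
        return null;                               // tag does not match this id
    }
    $session['hcl_chatid'] = (int) $m[1];
    return $session['hcl_chatid'];
}

// Constructed sample input: visitor 1041 received a signed cookie from the server.
$issued = hcl_sign_chatid(1041, HCL_COOKIE_KEY);
$cases = [
    'cookie as issued'       => ['hcl_chatid' => $issued],
    'bare guessed id'        => ['hcl_chatid' => '1042'],
    'id changed, tag reused' => ['hcl_chatid' => '1042' . substr($issued, 4)],
    'no cookie'              => [],
];
foreach ($cases as $label => $cookie) {
    $session = [];                                 // fresh session per case
    $id = hcl_restore_chatid($cookie, $session, HCL_COOKIE_KEY);
    printf("%-24s => %s\n", $label, $id === null ? 'rejected' : "accepted ($id)");
}
```

Only the first case is accepted; a caller that gets null back should create a new visitor record rather than reuse the supplied id.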