Description: In this video you will learn how to exploit apache Cookie Disclosure vulnerability (CVE: 2012-0053).
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
Source : - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0053
Tags: hacking , hack , exploitation , apache. ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.