0 Replies Latest reply on Oct 30, 2008 12:40 PM by Newsgroup_User

    How to correct COOKIE + FORCED HTTP METHOD error

    Level 7
      I am running a few pages against the Access Me plug-in in firefox and
      received 3 errors..and 2 warnings...
      where do i began to resolve these issues?
      Access Me String Test Results
      FORCED HTTP METHOD
      Attack Details:

      a.. HTTP Method: SECCOMP
      The attacked page is dangerously similar to the original page. It is 100%
      similar. Got access to a resource that should be protected. Server response
      code:200 OK.

      COOKIE + FORCED HTTP METHOD
      Attack Details:

      a.. Input Parameter: ASP.NET_SessionId
      b.. HTTP Method: SECCOMP
      The attacked page is dangerously similar to the original page. It is 100%
      similar. Got access to a resource that should be protected. Server response
      code:200 OK.

      COOKIE
      Attack Details:

      a.. Input Parameter: ASP.NET_SessionId
      The attacked page is dangerously similar to the original page. It is 100%
      similar. Got access to a resource that should be protected. Server response
      code:200 OK.

      FORCED HTTP METHOD
      Attack Details:

      a.. HTTP Method: HEAD
      Got access to a resource that should be protected. Server response code:200
      OK. The attacked page is not very similar to the original page. It is 0.649%
      similar.

      COOKIE + FORCED HTTP METHOD
      Attack Details:

      a.. Input Parameter: ASP.NET_SessionId
      b.. HTTP Method: HEAD
      Got access to a resource that should be protected. Server response code:200
      OK. The attacked page is not very similar to the original page. It is 0.649%
      similar.

      --
      ASP, SQL2005, DW8 VBScript, Visual Studio 2005, Visual Studio 2008