Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Session Fixation Vulnerability - CVE-2001-1534 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Session Fixation Vulnerability - CVE-2001-1534

Low
Reference: CVE-2001-1534
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2001-1534
Title: Apache HTTP Server Session Fixation Vulnerability
Overview:

mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID39s using predictable information including host IP address system time and server process ID which allows local users to obtain session ID39s and bypass authentication when these session ID39s are used for authentication.