Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Internet Information Services Other Vulnerability - CVE-2000-0970 - Vulnerability Database
Internet Information Services

Internet Information Services Other Vulnerability - CVE-2000-0970

High
Reference: CVE-2000-0970
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2000-0970
Title: Internet Information Services Other Vulnerability
Overview:

IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session aka the quotSession ID Cookie Markingquot vulnerability.