[rt-users] On the session fixation vulnerability - what do the logs look like?

Jesse Vincent jesse at bestpractical.com
Wed Dec 2 10:45:53 EST 2009


Arrigo,

What you'd see if you were attacked using the vulnerability we announced
patches for would...not necessarily be distinguishable from regular
traffic to your RT server. Though you _would_ see the malicious user's
IP in your logs.  I think you hit a case where something went wrong with
transaction creation, possibly related to the file someone was trying to
attach.

It looks like a bug. But it doesn't look like you were attacked.

Best,
Jesse
