Session Fixation - ownCloud

2014-07-03T18:17:28
ID OWNCLOUD:4BBAC2D69EBDD309A9EC274DD8C8BF85
Type owncloud
Reporter Lukas Reschke – ownCloud Inc. (lukas@owncloud.org) – Vulnerability discovery and disclosure.
Modified 2018-01-03T18:20:48

Description

Because the application authenticated a user without invalidating any existing session identifier, an attacker had the opportunity to steal authenticated sessions. A successful exploit requires that PHP be configured to accept session identifiers via GET parameters.

Affected Software

  • ownCloud Server < 6.0.2 (CVE-2014-2047)

Action Taken

The session identifier is now regenerated after a successful login.
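The following is an added illustration, not ownCloud's own code: a minimal PHP login handler showing the weak pattern the advisory describes (authenticating without issuing a new session ID) next to the fixed pattern (regenerating the ID on login), together with the php.ini session settings that close the GET-parameter transport the exploit depends on. The helper check_credentials() and the sample account are constructed stand-ins for the application's real user lookup.

```php
<?php
// Added example (not ownCloud's code). Demonstrates why a fixed session ID
// survives login unless the ID is regenerated, and how to harden the transport.
declare(strict_types=1);

// Transport hardening. With session.use_only_cookies=0 PHP will accept
// ?PHPSESSID=... from the URL, which is the precondition this advisory names.
// These ini_set() calls mirror the corresponding php.ini keys.
ini_set('session.use_only_cookies', '1');  // ignore session IDs in GET/POST
ini_set('session.use_trans_sid', '0');     // never append the ID to URLs
ini_set('session.use_strict_mode', '1');   // refuse IDs the server did not issue
ini_set('session.cookie_httponly', '1');   // keep the cookie away from scripts
ini_set('session.cookie_secure', '1');     // send the cookie over HTTPS only

session_start();

// Hypothetical stand-in for the application's credential check.
// The account below is a constructed sample, not real data.
function check_credentials(string $user, string $password): bool
{
    $known = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
    return isset($known[$user]) && password_verify($password, $known[$user]);
}

// Weak pattern (the behaviour the advisory describes): the session ID that
// arrived with the request, whoever chose it, becomes the authenticated one.
function login_without_regeneration(string $user, string $password): bool
{
    if (!check_credentials($user, $password)) {
        return false;
    }
    $_SESSION['user'] = $user;
    return true;
}

// Fixed pattern (the action taken): mint a fresh ID at the privilege change and
// destroy the old session data, so a pre-set ID never becomes authenticated.
function login_with_regeneration(string $user, string $password): bool
{
    if (!check_credentials($user, $password)) {
        return false;
    }
    session_regenerate_id(true);  // true: delete the old session file as well
    $_SESSION['user'] = $user;
    return true;
}

$idBeforeLogin = session_id();
if (login_with_regeneration($_POST['user'] ?? '', $_POST['password'] ?? '')) {
    // session_id() !== $idBeforeLogin here; the old ID is no longer valid.
    http_response_code(200);
} else {
    http_response_code(401);
}
```

The two login functions differ by a single call; the detection point for reviewers is any code path that raises privilege (login, role change) without session_regenerate_id(true). The ini settings belong in php.ini or the virtual host configuration in production, where they cannot be reached by application code.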

Acknowledgements

The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:

  • Lukas Reschke - ownCloud Inc. (lukas@owncloud.org) - Vulnerability discovery and disclosure.