Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vitaliy Semyanchuk2014-01-28 11:23:48
Kohana
Vitaliy Semyanchuk, 2014-01-28 11:23:48

Kohana Session_exception[1] - error reading session data?

Good afternoon.
Here is the problem, when checking my site for vulnerabilities, one of the programs, namely the Burp suite,
gave an error Session_exception[1] - error reading session data, and under it there is a bunch of source code.
This all happened due to the fact that Burp suite passes session='../../../../etc/paswd' to any page.
So I want to ask how dangerous it is, and how to make the kohana ignore such sessions?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vit, 2014-01-28
@fix20152

The test program attempted to read a file that cannot be read. Kohana honestly gave a reading error - this is normal. On the contrary, it would be bad if your site gave the attacker the contents of /etc/passwd

Similar questions
A
Anton2016-09-05 11:54:36
Kohana, output of goods, how to display titles once? 2Reply
A
Anton2016-12-13 16:13:57
4 level menu, I can't figure out how to display level 4? 2Reply
O
OKNOZA2017-01-29 10:44:33
How to output array from controller in Kohana? 0Reply
O
OKNOZA2017-01-30 18:59:01
Kohana how to pull array from controller to View? 1Reply
E
entermix2015-05-06 19:39:15
Why doesn't Kohana autoload work? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question