

The Misfortune Cookie Vulnerability - shahartal
http://mis.fortunecook.ie

======
TimGremalm
"Misfortune Cookie is a critical vulnerability that allows an intruder to
remotely take over an Internet router and use it to attack home and business
networks."

"The Misfortune Cookie vulnerability is due to an error within the HTTP cookie
management mechanism present in the affected software, allowing an attacker to
determine the ‘fortune’ of a request by manipulating cookies. Attackers can
send specially crafted HTTP cookies that exploit the vulnerability to corrupt
memory and alter the application and system state. This, in effect, can trick
the attacked device to treat the current session with administrative
privileges - to the misfortune of the device owner."

