This article is a part of our Web Security Knowledge Base (back to index)
Why Cookie Slack Detector can be dangerous
It means that for a series of GET requests to the same URI, each time dropping a different cookie, nothing changes in the response length. Cookies which don’t have the expected effect can reveal flaws in application logic. In the worst case, there may be areas on the website where authentication via session cookies or the content controlled by preference cookies are not actually enforced. This leaves the possibility of fingerprinting the application and preparing scenarios for further attacks.
How to fix Cookie Slack Detector
Verify if you are using session IDs and cookie-based authentication.
Check if all cookie preferences are used.
Ensure there are no unused information cookies.
Review all the areas reported to have issues with slack cookies.
How does ScanRepeat report Cookie Slack Detector
ScanRepeat checks one by one if cookies are used for rendering the page at a given URI, based on length in bytes of response compared to baseline request. It reports every occurrence of such a vulnerability providing the URL of the issue along with the slack cookie name.
Would you like to test your application now against this problem? Sign up for our free trialScan Your Web App Now