Does anyone know if there are any issues I should be aware of?
The main issue is that the scripting language (for example PHP) that is parsing the cookie may be implemented in a language (for example C) that treats the NULL byte character (0x00) as a special control character.
For example, in the C language a "string" of length N is implemented as an array of N+1 characters, where the (N+1)th character at the end of the array is 0x00, which is used to indicate the end of the string.
The general security principle being violated here is the unexpected mixing of instructions (the instruction-like control character 0x00) with data. Cookies are generally thought of as strings of data, but because the null byte has a special control property in C (it indicates the end of strings and can cause string parsing routines to return) it functions somewhat more like an instruction than data.
Here's a specific example of how the null byte could cause problems: It might be possible to upload a file called "backdoor.php\x00.png" that contains PHP backdoor code. Even if php files are blacklisted from being uploaded, this file might still be uploaded since the extension is ".png." If the PHP filename parsing (which is implemented in C) improperly returns at the null byte character the file might be saved with the name "backdoor.php" and could then be executed by accessing the file in the uploads folder. This type of exploit is called "Null Byte Injection."
I'm not aware of a specific exploit based on a null character in a cookie, but the idea is similar to above and would exploit the special properties of the null byte in the implementation language of the code parsing the cookie.
