Lucene search
HistoryOct 03, 2022 - 4:13 p.m.
CVE-2008-7255
cve-2008-7255
amsn
alvaro's messenger
information security
session hijacking
physical security
nvd
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.6%
login_screen.tcl in aMSN (aka Alvaro’s Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.
Affected configurations
Node
amsnamsnRange≤0.97
ORamsnamsnMatch0.83
ORamsnamsnMatch0.90
ORamsnamsnMatch0.91
ORamsnamsnMatch0.92
ORamsnamsnMatch0.93
ORamsnamsnMatch0.94
ORamsnamsnMatch0.95
ORamsnamsnMatch0.96
Related
prion
prion
Design/Logic Flaw
2010-04-20 16:30:00
openvas
openvas
aMSN session hijack vulnerability (Windows)
2010-04-29 00:00:00
aMSN < 0.97.1 Session Hijack Vulnerability - Windows
2010-04-29 00:00:00
nvd
nvd
CVE-2008-7255
2010-04-20 16:30:00
cvelist
cvelist
CVE-2008-7255
2022-10-03 16:13:53
ubuntucve
ubuntucve
CVE-2008-7255
2010-04-20 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.6%
Related for CVE-2008-7255