Source: FreeBSD VuXML, ID A0AFB4B9-89A1-11DD-A65B-00163E000016
History: Aug 12, 2008 - 12:00 a.m.

squirrelmail -- Session hijacking vulnerability

2008-08-12 00:00:00
vuxml.freebsd.org

CVSS2: 5 Medium (AV:N/AC:L/Au:N/C:P/I:N/A:N)
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: NONE

EPSS: 0.005 Low (Percentile 75.1%)

Hanno Boeck reports:

When configuring a web application to use only SSL (e.g. by
forwarding all HTTP requests to HTTPS), a user would expect that
sniffing and hijacking the session is impossible.
Though, for this to be secure, one needs to set the session
cookie to have the secure flag. Otherwise the cookie will be
transferred through HTTP if the victim's browser does a single
HTTP request on the same domain.
SquirrelMail does not set that flag. It is fixed in the 1.5
test versions, but current 1.4.15 is vulnerable.

OS       Version  Architecture  Package       Version      Filename
FreeBSD  any      noarch        squirrelmail  <= 1.4.15_1  UNKNOWN
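The report above turns on one missing cookie attribute: a session cookie set without Secure is sent by the browser on any plain-HTTP request to the same host, no matter how strictly the server redirects to HTTPS. The following is an added example, not SquirrelMail code and not part of the advisory: a small Set-Cookie header audit of the kind a response-header check or proxy log review would run, plus the hardened header a fixed application would emit. It goes slightly beyond the report by also flagging a missing HttpOnly attribute. The cookie name SESSID and the sample headers are constructed for the example and are not taken from a real installation.

```python
"""Audit Set-Cookie headers for the Secure flag (added example, not SquirrelMail code).

The advisory describes the failure mode: an HTTPS-only site whose session cookie
lacks the Secure attribute, so a single plain-HTTP request to the same host makes
the browser send the cookie in the clear. This checker parses Set-Cookie header
values as a response-header audit would and flags session cookies that are
missing Secure (and, as related hardening not in the advisory, HttpOnly).
"""
from typing import Dict, List, Tuple


def parse_set_cookie(header_value: str) -> Dict[str, object]:
    """Parse one Set-Cookie header value into name, value and attributes.

    Attribute names are matched case-insensitively (RFC 6265); attributes that
    carry no value, such as Secure and HttpOnly, are recorded as True.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs: Dict[str, object] = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, sep, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def audit_session_cookies(set_cookie_headers: List[str],
                          session_cookie_names: Tuple[str, ...]) -> List[Tuple[str, str]]:
    """Return (cookie name, problem) pairs for session cookies set without Secure or HttpOnly."""
    findings: List[Tuple[str, str]] = []
    for header in set_cookie_headers:
        cookie = parse_set_cookie(header)
        if cookie["name"] not in session_cookie_names:
            continue  # only session-bearing cookies matter for hijacking
        attrs = cookie["attrs"]
        if "secure" not in attrs:
            findings.append((cookie["name"], "missing Secure: cookie will be sent over plain HTTP"))
        if "httponly" not in attrs:
            findings.append((cookie["name"], "missing HttpOnly: cookie readable by page scripts"))
    return findings


def build_session_cookie(name: str, value: str, path: str = "/") -> str:
    """Build the Set-Cookie value a fixed application should emit for its session cookie."""
    return f"{name}={value}; Path={path}; Secure; HttpOnly"


# Constructed sample data (hypothetical cookie name, not captured from a real server).
SESSION_COOKIE_NAMES = ("SESSID",)
VULNERABLE_HEADERS = ["SESSID=abc123; path=/"]          # behaviour the advisory describes
HARDENED_HEADERS = [build_session_cookie("SESSID", "abc123")]

if __name__ == "__main__":
    for label, headers in (("vulnerable", VULNERABLE_HEADERS), ("hardened", HARDENED_HEADERS)):
        findings = audit_session_cookies(headers, SESSION_COOKIE_NAMES)
        print(f"{label}: {findings or 'no findings'}")
```

Run against the constructed vulnerable header the audit reports both missing attributes; against the hardened header it reports nothing. On a live deployment the same check belongs wherever response headers are already visible, for instance a reverse proxy log or a configuration test, so that a regression like the one in 1.4.15 is caught before it ships.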
