Lucene search
PRIOn knowledge basePRION:CVE-2010-3902HistoryOct 14, 2010 - 5:58 a.m.
Design/Logic Flaw
2010-10-1405:58:00
PRIOn knowledge base
www.prio-n.com
2
OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openconnect | eq | 2.22 | |
| openconnect | eq | 1.00 | |
| openconnect | eq | 1.30 | |
| openconnect | eq | 1.10 | |
| openconnect | le | 2.25 | |
| openconnect | eq | 1.20 |
References
secunia.com/advisories/42381
www.infradead.org/openconnect.html
www.securityfocus.com/bid/44111
www.vupen.com/english/advisories/2010/3078
lists.fedoraproject.org/pipermail/package-announce/2010-November/051620.html
lists.fedoraproject.org/pipermail/package-announce/2010-November/051637.html
lists.fedoraproject.org/pipermail/package-announce/2010-November/051640.html
Related
cvelist
cvelist
CVE-2010-3902
2010-10-12 21:00:00
openvas
openvas
Fedora Update for openconnect FEDORA-2010-18032
2010-12-09 00:00:00
Fedora Update for openconnect FEDORA-2010-18053
2010-12-09 00:00:00
Fedora Update for openconnect FEDORA-2010-18055
2010-12-09 00:00:00
nvd
nvd
CVE-2010-3902
2010-10-14 05:58:42
cve
cve
CVE-2010-3902
2010-10-14 05:58:42
nessus
nessus
Fedora 12 : openconnect-2.26-1.fc12 (2010-18032)
2010-11-30 00:00:00
Fedora 13 : openconnect-2.26-2.fc13 (2010-18053)
2010-11-30 00:00:00
Fedora 14 : openconnect-2.26-4.fc14 (2010-18055)
2010-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: openconnect-2.26-4.fc14
2010-11-29 21:36:22
[SECURITY] Fedora 12 Update: openconnect-2.26-1.fc12
2010-11-29 21:31:47
[SECURITY] Fedora 13 Update: openconnect-2.26-2.fc13
2010-11-29 21:34:57
ubuntucve
ubuntucve
CVE-2010-3902
2010-10-14 00:00:00
debiancve
debiancve
CVE-2010-3902
2010-10-14 05:58:42