CVE-2008-4294
IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 has a local-privilege/session-management flaw: it preserves cached user privileges after logout, enabling a physically proximate attacker to hijack a session by visiting an unattended workstation, with a root session remaining valid after a subsequent ...