Lucene search
Ubuntu.comUB:CVE-2009-4151HistoryDec 02, 2009 - 12:00 a.m.
CVE-2009-4151
2009-12-0200:00:00
ubuntu.com
ubuntu.com
9
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
76.0%
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best
Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows
remote attackers to hijack web sessions by setting the session identifier
via a manipulation that leverages “HTTP access to the RT server,” a related
issue to CVE-2009-3585.
Related
openvas
openvas
Fedora Core 11 FEDORA-2009-12827 (rt3)
2009-12-14 00:00:00
Fedora Core 12 FEDORA-2009-12783 (rt3)
2009-12-14 00:00:00
Fedora Core 10 FEDORA-2009-12817 (rt3)
2009-12-14 00:00:00
nessus
nessus
Fedora 12 : rt3-3.8.4-7.fc12 (2009-12783)
2009-12-14 00:00:00
Fedora 11 : rt3-3.8.2-12.fc11 (2009-12827)
2009-12-14 00:00:00
Debian DSA-1944-1 : request-tracker3.4 request-tracker3.6 - session hijack
2010-02-24 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: rt3-3.8.4-7.fc12
2009-12-11 18:23:33
[SECURITY] Fedora 10 Update: rt3-3.8.2-12.fc10
2009-12-11 18:29:41
[SECURITY] Fedora 11 Update: rt3-3.8.2-12.fc11
2009-12-11 18:37:38
prion
prion
Session fixation
2009-12-02 16:30:00
Session fixation
2009-12-02 16:30:00
osv
osv
request-tracker3.4 request-tracker3.6 - session hijack vulnerability
2009-12-03 00:00:00
cve
cve
CVE-2009-4151
2009-12-02 16:30:00
CVE-2009-3585
2009-12-02 16:30:00
freebsd
freebsd
rt -- Session fixation vulnerability
2009-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2009-3585
2009-12-02 00:00:00
debian
debian
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
76.0%
Related for UB:CVE-2009-4151