CVE-2013-4762

Опубликовано: 20 авг. 2013

Источник: debian

Описание

Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
puppet	not-affected			package

Связанные уязвимости

CVE-2013-4762

ubuntu

больше 12 лет назад

Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.

CVE-2013-4762

nvd

больше 12 лет назад

Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.

GHSA-r8f5-gf56-vhr8

github

больше 3 лет назад

Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.