Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-3663

Опубликовано: 12 авг. 2008
Источник: redhat
EPSS Низкий

Описание

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=464183squirrelmail: session hijacking - secure flag not set for HTTPS-only cookies

EPSS

Процентиль: 77%
0.01072
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2008-3663

ubuntu
почти 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

nvd логотип

CVE-2008-3663

nvd
почти 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

debian логотип

CVE-2008-3663

debian
почти 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cooki ...

github логотип

GHSA-v6vw-6gwh-pprh

github
больше 3 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

oracle-oval логотип

ELSA-2009-0010

oracle-oval
больше 16 лет назад

ELSA-2009-0010: squirrelmail security update (MODERATE)

EPSS

Процентиль: 77%
0.01072
Низкий