Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-3663

Опубликовано: 12 авг. 2008
Источник: redhat
EPSS Низкий

Описание

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=464183squirrelmail: session hijacking - secure flag not set for HTTPS-only cookies

EPSS

Процентиль: 79%
0.01272
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2008-3663

ubuntu
около 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

nvd логотип

CVE-2008-3663

nvd
около 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

debian логотип

CVE-2008-3663

debian
около 17 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cooki ...

github логотип

GHSA-v6vw-6gwh-pprh

github
больше 3 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

oracle-oval логотип

ELSA-2009-0010

oracle-oval
почти 17 лет назад

ELSA-2009-0010: squirrelmail security update (MODERATE)

EPSS

Процентиль: 79%
0.01272
Низкий