Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-3663

Опубликовано: 12 авг. 2008
Источник: redhat

Описание

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=464183squirrelmail: session hijacking - secure flag not set for HTTPS-only cookies

Связанные уязвимости

ubuntu логотип

CVE-2008-3663

ubuntu
больше 16 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

nvd логотип

CVE-2008-3663

nvd
больше 16 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

debian логотип

CVE-2008-3663

debian
больше 16 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cooki ...

github логотип

GHSA-v6vw-6gwh-pprh

github
около 3 лет назад

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

oracle-oval логотип

ELSA-2009-0010

oracle-oval
больше 16 лет назад

ELSA-2009-0010: squirrelmail security update (MODERATE)