[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1944 request-tracker3.4 request-tracker3.6 -- session hijack

ID: oval:org.mitre.oval:def:7855Date: (C)2009-12-15   (M)2021-06-02
Class: PATCHFamily: unix




Mikal Gule discovered that request-tracker, an extensible trouble-ticket tracking system, is prone to an attack, where an attacker with access to the same domain can hijack a user's RT session.

Platform:
Debian 5.0
Debian 4.0
Product:
request-tracker3.4
request-tracker3.6
Reference:
DSA-1944
CVE-2009-3585
CVE    1
CVE-2009-3585
CPE    2
cpe:/o:debian:debian_linux:4.0
cpe:/o:debian:debian_linux:5.0

© SecPod Technologies