Red Hat SquirrelMail Package Session Management Vulnerability

The Red Hat 'squirrelmail' package is prone to an authentication-bypass vulnerability because of a session-handling error introduced by patches provided by Red Hat Security Advisory RHSA-2009:0010.

Attackers can exploit this issue to hijack other users' sessions and obtain sensitive information that can aid in further attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus