phpCAS Service Ticket Validation Session Hijacking Vulnerability

Bugtraq ID: 42162
Class: Input Validation Error
CVE: CVE-2010-2795
Remote: Yes
Local: No
Published: Aug 03 2010 12:00AM
Updated: May 07 2015 05:09PM
Credit: Sebastien Portefaix
Vulnerable: Moodle moodle 1.9.9
Moodle moodle 1.9.8
Moodle moodle 1.9.7
Moodle moodle 1.9.6
Moodle moodle 1.9.4
Moodle moodle 1.9.3
Moodle moodle 1.9.2
Moodle moodle 1.8.13
Moodle moodle 1.8.11
Moodle moodle 1.8.10
Moodle moodle 1.8.9
Moodle moodle 1.8.9
Moodle moodle 1.8.8
Moodle moodle 1.8.7
Moodle moodle 1.8.6
Moodle moodle 1.8.5
Moodle moodle 1.8.4
Moodle moodle 1.8.3
Moodle moodle 1.8.2
Moodle moodle 1.9
Jasig phpCAS 1.1.1
Jasig phpCAS 1.1 RC7
Jasig phpCAS 1.1
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Not Vulnerable: Moodle moodle 1.9.10
Moodle moodle 1.8.14
Jasig phpCAS 1.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus