Lucene search
PRIOn knowledge basePRION:CVE-2008-3662HistorySep 18, 2008 - 6:00 p.m.
Design/Logic Flaw
2008-09-1818:00:00
PRIOn knowledge base
www.prio-n.com
2
Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
References
gallery.menalto.com/gallery_1.5.9_released
gallery.menalto.com/gallery_2.2.6_released
int21.de/cve/CVE-2008-3662-gallery.html
seclists.org/fulldisclosure/2008/Sep/0379.html
secunia.com/advisories/32662
secunia.com/advisories/33144
security.gentoo.org/glsa/glsa-200811-02.xml
www.securityfocus.com/archive/1/496509/100/0/threaded
www.securityfocus.com/bid/31231
www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html
www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html
Related
nvd
nvd
CVE-2008-3662
2008-09-18 18:00:00
cvelist
cvelist
CVE-2008-3662
2008-09-18 18:00:00
cve
cve
CVE-2008-3662
2008-09-18 18:00:00
ubuntucve
ubuntucve
CVE-2008-3662
2008-09-18 00:00:00
securityvulns
securityvulns
nessus
nessus
Fedora 9 : gallery2-2.3-1.fc9 (2008-11258)
2008-12-15 00:00:00
Fedora 8 : gallery2-2.3-1.fc8 (2008-11230)
2008-12-15 00:00:00
Fedora 10 : gallery2-2.3-1.fc10 (2008-11218)
2009-04-23 00:00:00
openvas
openvas
Fedora Update for gallery2 FEDORA-2008-11258
2009-02-13 00:00:00
Fedora Update for gallery2 FEDORA-2008-11218
2009-02-13 00:00:00
Fedora Update for gallery2 FEDORA-2008-11230
2009-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: gallery2-2.3-1.fc10
2008-12-13 15:01:20
[SECURITY] Fedora 9 Update: gallery2-2.3-1.fc9
2008-12-13 15:08:04
[SECURITY] Fedora 8 Update: gallery2-2.3-1.fc8
2008-12-13 15:03:15
gentoo
gentoo
Gallery: Multiple vulnerabilities
2008-11-09 00:00:00