Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2009-0030
HistoryJan 21, 2009 - 8:30 p.m.

Design/Logic Flaw

2009-01-2120:30:00
PRIOn knowledge base
www.prio-n.com
9

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.4%

JSON

A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users’ folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663.

CPENameOperatorVersion
squirrelmaileq1.4.8

Related

ubuntucve 2
nessus 19
cvelist 2
seebug 2
cve 2
nvd 2
oraclelinux 2
openvas 43
fedora 6
veracode 2
prion 1
securityvulns 2
freebsd 1
centos 2
redhat 2
ubuntucve
ubuntucve
CVE-2009-0030
2009-01-21 00:00:00
CVE-2008-3663
2008-09-24 00:00:00
nessus
nessus
openSUSE 10 Security Update : squirrelmail (squirrelmail-5978)
2009-02-05 00:00:00
FreeBSD : squirrelmail -- Session hijacking vulnerability (a0afb4b9-89a1-11dd-a65b-00163e000016)
2008-09-24 00:00:00
Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
cvelist
cvelist
CVE-2009-0030
2009-01-21 20:00:00
CVE-2008-3663
2008-09-24 14:00:00
seebug
seebug
SquirrelMail软件包会话处理绕过认证漏洞
2009-02-19 00:00:00
SquirrelMail不安全COOKE泄漏漏洞
2008-09-25 00:00:00
cve
cve
CVE-2009-0030
2009-01-21 20:30:00
CVE-2008-3663
2008-09-24 14:56:52
nvd
nvd
CVE-2009-0030
2009-01-21 20:30:00
CVE-2008-3663
2008-09-24 14:56:52
oraclelinux
oraclelinux
squirrelmail security update
2009-01-20 00:00:00
squirrelmail security update
2009-01-12 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2009-0057)
2015-10-08 00:00:00
CentOS Update for squirrelmail CESA-2009:0057 centos5 i386
2011-08-09 00:00:00
RedHat Security Advisory RHSA-2009:0057
2009-01-20 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: squirrelmail-1.4.16-1.fc9
2008-10-23 16:35:48
[SECURITY] Fedora 8 Update: squirrelmail-1.4.16-1.fc8
2008-10-24 23:48:16
[SECURITY] Fedora 9 Update: squirrelmail-1.4.17-1.fc9
2008-12-07 04:13:16
veracode
veracode
Session Hijacking
2020-04-10 00:29:08
Information Disclosure
2020-04-10 00:36:07
prion
prion
Design/Logic Flaw
2008-09-24 14:56:00
securityvulns
securityvulns
Squirrelmail: Session hijacking vulnerability, CVE-2008-3663
2008-09-24 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2008-09-24 00:00:00
freebsd
freebsd
squirrelmail -- Session hijacking vulnerability
2008-08-12 00:00:00
centos
centos
squirrelmail security update
2009-01-19 22:38:06
squirrelmail security update
2009-01-12 15:25:30
redhat
redhat
(RHSA-2009:0057) Important: squirrelmail security update
2009-01-19 00:00:00
(RHSA-2009:0010) Moderate: squirrelmail security update
2009-01-12 00:00:00

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.4%

JSON
Related for PRION:CVE-2009-0030
ubuntucve2nessus19cvelist2seebug2cve2nvd2oraclelinux2openvas43fedora6veracode2prion1securityvulns2freebsd1centos2redhat2