| Revision Date: | 2014-05-26 | Version: | 20 |
| Title: | ELSA-2009:0010: squirrelmail security update (Moderate) |
| Description: | Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2008-2379
CVE-2008-3663
ELSA-2009:0010-01
|
| Platform(s): | Oracle Linux 5
| Product(s): | squirrelmail
|
| Definition Synopsis |
| Oracle Linux 5.x AND squirrelmail is earlier than 0:1.4.8-5.el5_2.2
|