CVE-2010-2795

Published: Aug 5, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-2172

vendor-advisory

x_refsource_DEBIAN

ADV-2011-0456

vdb-entry

x_refsource_VUPEN

41240

third-party-advisory

x_refsource_SECUNIA

40845

third-party-advisory

x_refsource_SECUNIA

FEDORA-2010-12258

vendor-advisory

x_refsource_FEDORA

phpcas-tickets-session-hijacking(60894)

vdb-entry

x_refsource_XF

https://issues.jasig.org/browse/PHPCAS-61

x_refsource_CONFIRM

ADV-2010-2909

vdb-entry

x_refsource_VUPEN

https://wiki.jasig.org/display/CASC/phpCAS+ChangeLog

x_refsource_CONFIRM

ADV-2010-2261

vdb-entry

x_refsource_VUPEN

42149

third-party-advisory

x_refsource_SECUNIA

https://forge.indepnet.net/projects/glpi/repository/revisions/12601

x_refsource_CONFIRM

FEDORA-2010-12247

vendor-advisory

x_refsource_FEDORA

43427

third-party-advisory

x_refsource_SECUNIA

42162

vdb-entry

x_refsource_BID

ADV-2010-2234

vdb-entry

x_refsource_VUPEN

FEDORA-2010-16912

vendor-advisory

x_refsource_FEDORA

FEDORA-2010-16905

vendor-advisory

x_refsource_FEDORA

42184

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-2795

Description

Affected Products

References