CVE-2006-1228

Priority
Untriaged
Description
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x
before 4.5.8 allows remote attackers to gain privileges by tricking a user
to click on a URL that fixes the session identifier.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1228
Package
Source: drupal (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:16:58 UTC (commit 5347)